├── .github └── workflows │ ├── build.yml │ └── slither.yml ├── .gitignore ├── .gitmodules ├── Cargo.lock ├── Cargo.toml ├── LICENSE ├── README.md ├── evm ├── .env.example ├── .gitignore ├── Makefile ├── README.md ├── broadcast │ ├── AttestationScript.s.sol │ │ ├── 1 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 10 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 56 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 97 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 137 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 480 │ │ │ └── deployEntrypoint-latest.json │ │ ├── 1301 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 4801 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 8453 │ │ │ ├── configVerifier-latest.json │ │ │ ├── configureZk-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 17000 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 42161 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 43113 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 43114 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 65536 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 80002 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 84532 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 421614 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 560048 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 1398243 │ │ │ ├── configVerifier-latest.json │ │ │ ├── configureZk-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ ├── 11155111 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ │ └── 11155420 │ │ │ ├── configVerifier-latest.json │ │ │ └── deployEntrypoint-latest.json │ ├── DeployRouter.s.sol │ │ ├── 1 │ │ │ └── run-latest.json │ │ ├── 10 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ ├── 56 │ │ │ └── run-latest.json │ │ ├── 97 │ │ │ └── run-latest.json │ │ ├── 137 │ │ │ └── run-latest.json │ │ ├── 480 │ │ │ └── run-latest.json │ │ ├── 1301 │ │ │ └── run-latest.json │ │ ├── 4801 │ │ │ └── run-latest.json │ │ ├── 8453 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ ├── 17000 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ ├── 42161 │ │ │ └── run-latest.json │ │ ├── 43113 │ │ │ └── run-latest.json │ │ ├── 43114 │ │ │ └── run-latest.json │ │ ├── 65536 │ │ │ └── run-latest.json │ │ ├── 80002 │ │ │ └── run-latest.json │ │ ├── 84532 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ ├── 421614 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ ├── 560048 │ │ │ └── run-latest.json │ │ ├── 1398243 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ ├── 11155111 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ │ └── 11155420 │ │ │ ├── run-latest.json │ │ │ └── setAuthorizedCaller-latest.json │ ├── DeployV3.s.sol │ │ ├── 1 │ │ │ └── run-latest.json │ │ ├── 10 │ │ │ └── run-latest.json │ │ ├── 56 │ │ │ └── run-latest.json │ │ ├── 97 │ │ │ └── run-latest.json │ │ ├── 137 │ │ │ └── run-latest.json │ │ ├── 480 │ │ │ └── run-latest.json │ │ ├── 1301 │ │ │ └── run-latest.json │ │ ├── 4801 │ │ │ └── run-latest.json │ │ ├── 8453 │ │ │ └── run-latest.json │ │ ├── 17000 │ │ │ └── run-latest.json │ │ ├── 42161 │ │ │ └── run-latest.json │ │ ├── 43113 │ │ │ └── run-latest.json │ │ ├── 43114 │ │ │ └── run-latest.json │ │ ├── 65536 │ │ │ └── run-latest.json │ │ ├── 80002 │ │ │ └── run-latest.json │ │ ├── 84532 │ │ │ └── run-latest.json │ │ ├── 421614 │ │ │ └── run-latest.json │ │ ├── 560048 │ │ │ └── run-latest.json │ │ ├── 1398243 │ │ │ └── run-latest.json │ │ ├── 11155111 │ │ │ └── run-latest.json │ │ └── 11155420 │ │ │ └── run-latest.json │ ├── DeployV4.s.sol │ │ ├── 1 │ │ │ └── run-latest.json │ │ ├── 10 │ │ │ └── run-latest.json │ │ ├── 56 │ │ │ └── run-latest.json │ │ ├── 97 │ │ │ └── run-latest.json │ │ ├── 137 │ │ │ └── run-latest.json │ │ ├── 480 │ │ │ └── run-latest.json │ │ ├── 1301 │ │ │ └── run-latest.json │ │ ├── 4801 │ │ │ └── run-latest.json │ │ ├── 8453 │ │ │ └── run-latest.json │ │ ├── 17000 │ │ │ └── run-latest.json │ │ ├── 42161 │ │ │ └── run-latest.json │ │ ├── 43113 │ │ │ └── run-latest.json │ │ ├── 43114 │ │ │ └── run-latest.json │ │ ├── 65536 │ │ │ └── run-latest.json │ │ ├── 80002 │ │ │ └── run-latest.json │ │ ├── 84532 │ │ │ └── run-latest.json │ │ ├── 421614 │ │ │ └── run-latest.json │ │ ├── 560048 │ │ │ └── run-latest.json │ │ ├── 1398243 │ │ │ └── run-latest.json │ │ ├── 11155111 │ │ │ └── run-latest.json │ │ └── 11155420 │ │ │ └── run-latest.json │ └── multi │ │ ├── DeployRouter.s.sol-1744331370 │ │ └── grantAccessToStorage.json │ │ └── DeployRouter.s.sol-latest │ │ └── grantAccessToStorage.json ├── contracts │ ├── AttestationEntrypointBase.sol │ ├── AutomataDcapAttestationFee.sol │ ├── PCCSRouter.sol │ ├── bases │ │ ├── EnclaveIdBase.sol │ │ ├── FeeManagerBase.sol │ │ ├── QuoteVerifierBase.sol │ │ ├── TDXModuleBase.sol │ │ ├── X509ChainBase.sol │ │ └── tcb │ │ │ ├── TCBInfoV2Base.sol │ │ │ └── TCBInfoV3Base.sol │ ├── interfaces │ │ ├── IPCCSRouter.sol │ │ └── IQuoteVerifier.sol │ ├── types │ │ ├── CommonStruct.sol │ │ ├── Constants.sol │ │ ├── V3Structs.sol │ │ └── V4Structs.sol │ ├── utils │ │ ├── BELE.sol │ │ ├── BytesUtils.sol │ │ └── P256Verifier.sol │ └── verifiers │ │ ├── V3QuoteVerifier.sol │ │ └── V4QuoteVerifier.sol ├── deployment │ ├── 1 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 10 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 56 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 97 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 137 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 480 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 1301 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 4801 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 8453 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 17000 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 42161 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 43113 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 43114 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 65536 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 80002 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 84532 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 421614 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 560048 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 1398243 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ ├── 11155111 │ │ ├── dcap.json │ │ └── onchain_pccs.json │ └── 11155420 │ │ ├── dcap.json │ │ └── onchain_pccs.json ├── docs │ ├── OnChainQuoteAttestation.md │ └── PCCSRouter.md ├── forge-script │ ├── AttestationScript.s.sol │ ├── DeployRouter.s.sol │ ├── utils │ │ ├── DeploymentConfig.sol │ │ ├── Multichain.sol │ │ ├── P256Configuration.sol │ │ └── Salt.sol │ └── verifiers │ │ ├── DeployV3.s.sol │ │ └── DeployV4.s.sol ├── forge-test │ ├── AutomataDcapAttestationFeeTest.t.sol │ ├── AutomataDcapAttestationTest.t.sol │ ├── AutomataDcapOnChainAttestationTest.t.sol │ ├── AutomataDcapZkTest.t.sol │ ├── assets │ │ ├── 0225 │ │ │ ├── qe_td.json │ │ │ └── tcbinfo.json │ │ └── 0624 │ │ │ ├── identity.json │ │ │ ├── qeidentityv2_apiv4.json │ │ │ ├── tcbinfo.json │ │ │ └── tcbinfov3_00806f050000.json │ └── utils │ │ ├── PCCSSetupBase.sol │ │ ├── RiscZeroSetup.sol │ │ └── succinct │ │ ├── Groth16Setup.sol │ │ └── PlonkSetup.sol ├── foundry.toml └── js │ ├── abi │ └── AutomataDcapAttestationFee.json │ ├── data │ ├── quote.hex │ ├── quoteV3.hex │ └── sample.hex │ ├── index.js │ ├── package.json │ └── yarn.lock ├── releases └── evm-v1.0.0 │ └── NOTE.md └── solana ├── .gitignore ├── automata-dcap-client ├── Cargo.toml ├── README.md └── src │ ├── bin │ └── counter.rs │ ├── create.rs │ ├── delete.rs │ ├── lib.rs │ └── verify.rs ├── docs └── images │ └── DCAP Solana Diagram.jpg └── programs ├── automata-dcap-program ├── Cargo.toml ├── README.md └── src │ ├── entrypoint.rs │ ├── error.rs │ ├── instruction.rs │ ├── lib.rs │ ├── processor │ ├── mod.rs │ ├── risc0.rs │ └── sp1.rs │ ├── state.rs │ └── tests │ ├── counter.rs │ ├── delete.rs │ ├── fixtures │ ├── dcap_sp1_program.so │ └── groth_16_verifier.so │ ├── mod.rs │ ├── risc0.rs │ └── sp1.rs └── dcap-sp1-solana-program ├── Cargo.toml └── src └── lib.rs /.github/workflows/build.yml: -------------------------------------------------------------------------------- 1 | name: Foundry Build CI/CD 2 | 3 | on: 4 | push: 5 | branches: [main, development] 6 | pull_request: 7 | branches: [main] 8 | 9 | workflow_dispatch: 10 | 11 | jobs: 12 | check: 13 | strategy: 14 | fail-fast: true 15 | 16 | name: Foundry project 17 | runs-on: ubuntu-latest 18 | 19 | defaults: 20 | run: 21 | working-directory: evm 22 | 23 | steps: 24 | - uses: actions/checkout@v4 25 | with: 26 | submodules: recursive 27 | 28 | - name: Install Foundry 29 | uses: foundry-rs/foundry-toolchain@v1 30 | with: 31 | version: stable 32 | 33 | - name: Run Forge build 34 | run: | 35 | forge --version 36 | forge build --sizes 37 | id: build 38 | 39 | - name: Run Forge tests 40 | run: | 41 | forge test -vvv 42 | id: test 43 | 44 | - name: Run snapshot and Generate Summary 45 | run: NO_COLOR=1 forge snapshot --gas-report >> $GITHUB_STEP_SUMMARY -------------------------------------------------------------------------------- /.github/workflows/slither.yml: -------------------------------------------------------------------------------- 1 | name: Slither Static Analysis 2 | 3 | # Runs only on PR merging to main 4 | on: 5 | pull_request: 6 | branches: [ main ] 7 | types: [ opened, reopened, synchronize, ready_for_review ] 8 | 9 | workflow_dispatch: 10 | 11 | jobs: 12 | analyze: 13 | runs-on: ubuntu-latest 14 | 15 | # Do not run when PR is still a draft 16 | if: ${{ !github.event.pull_request.draft }} 17 | 18 | env: 19 | commit_url: ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.event.pull_request.head.sha }}/ 20 | 21 | defaults: 22 | run: 23 | working-directory: evm 24 | 25 | steps: 26 | - uses: actions/checkout@v3 27 | 28 | - name: Run Slither 29 | uses: crytic/slither-action@v0.4.0 30 | id: slither 31 | with: 32 | fail-on: none 33 | slither-args: --checklist --show-ignored-findings --markdown-root ${{ env.commit_url }} 34 | sarif: results.sarif 35 | 36 | - name: Upload SARIF file 37 | uses: github/codeql-action/upload-sarif@v3 38 | with: 39 | sarif_file: ${{ steps.slither.outputs.sarif }} -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Ignores build artifacts 2 | **/target 3 | 4 | # Misc 5 | **/keystores 6 | **/.DS_Store 7 | **/.env 8 | **/node_modules/ -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "evm/lib/forge-std"] 2 | path = evm/lib/forge-std 3 | url = https://github.com/foundry-rs/forge-std 4 | [submodule "evm/lib/sp1-contracts"] 5 | path = evm/lib/sp1-contracts 6 | url = https://github.com/succinctlabs/sp1-contracts 7 | [submodule "evm/lib/automata-on-chain-pccs"] 8 | path = evm/lib/automata-on-chain-pccs 9 | url = https://github.com/automata-network/automata-on-chain-pccs 10 | [submodule "evm/lib/risc0-ethereum"] 11 | path = evm/lib/risc0-ethereum 12 | url = https://github.com/risc0/risc0-ethereum 13 | -------------------------------------------------------------------------------- /Cargo.toml: -------------------------------------------------------------------------------- 1 | [workspace] 2 | resolver = "2" 3 | members = [ 4 | "solana/automata-dcap-client", 5 | "solana/programs/*" 6 | ] 7 | 8 | [workspace.package] 9 | version = "0.1.0" 10 | edition = "2021" 11 | authors = ["Automata Team"] 12 | homepage = "https://ata.network/" 13 | license = "Apache-2.0" 14 | 15 | [workspace.dependencies] 16 | anyhow = { version = "^1.0.93" } 17 | borsh = { version = "^1.5.3" } 18 | sha2 = { version = "0.10.8" } 19 | hex = { version = "0.4.3" } 20 | solana-sdk = { version = "2.1.6" } 21 | solana-rpc-client = { version = "2.1.6" } 22 | solana-program = { version = "2.1.6" } 23 | 24 | # Patch zerorize, see: https://github.com/solana-labs/solana/issues/26688 25 | [patch.crates-io] 26 | curve25519-dalek = { git = "https://github.com/ivs/curve25519-dalek", branch = "rustls-dep-hell" } 27 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Permission is hereby granted, free of charge, to any 2 | person obtaining a copy of this software and associated 3 | documentation files (the "Software"), to deal in the 4 | Software without restriction, including without 5 | limitation the rights to use, copy, modify, merge, 6 | publish, distribute, sublicense, and/or sell copies of 7 | the Software, and to permit persons to whom the Software 8 | is furnished to do so, subject to the following 9 | conditions: 10 | 11 | The above copyright notice and this permission notice 12 | shall be included in all copies or substantial portions 13 | of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF 16 | ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED 17 | TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 18 | PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT 19 | SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 20 | CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 21 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR 22 | IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 23 | DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /evm/.env.example: -------------------------------------------------------------------------------- 1 | DCAP_RISCZERO_IMAGE_ID=0x4cf071b3cc25d73e77f430b65f5700dd53522dacc21c1bfc0862b2e46fda3584 2 | DCAP_SP1_VKEY=0x0036efd519bb371b29a40322e40031833716e9441c6907f8aefc5e52ceebc9a6 3 | 4 | # cast wallet address --keystores keystore/dcap_prod 5 | OWNER=0xDf841B239bE7a6b37366005107069b7410da4Ff9 6 | 7 | ETHERSCAN_API_KEY= 8 | ETHERSCAN_API_VERSION=V2 9 | 10 | CHAINS="ATA_SEPOLIA,SEPOLIA,HOLESKY,OP_SEPOLIA,ARBITRUM_SEPOLIA,BASE_SEPOLIA,WORLD_SEPOLIA,AVALANCHE_C_FUJI,POLYGON_AMOY,BSC_TESTNET,HOODI_TESTNET,UNICHAIN_SEPOLIA,ATA,ETHEREUM,OP,ARBITRUM,BASE,WORLD,POLYGON,BSC,AVALANCHE_C" 11 | 12 | ATA_SEPOLIA_RPC_URL="" 13 | SEPOLIA_RPC_URL="" 14 | HOLESKY_RPC_URL="" 15 | OP_SEPOLIA_RPC_URL="" 16 | ARBITRUM_SEPOLIA_RPC_URL="" 17 | BASE_SEPOLIA_RPC_URL="" 18 | WORLD_SEPOLIA_RPC_URL="" 19 | AVALANCHE_C_FUJI_RPC_URL="" 20 | POLYGON_AMOY_RPC_URL="" 21 | BSC_TESTNET_RPC_URL="" 22 | HOODI_TESTNET_RPC_URL="" 23 | UNICHAIN_SEPOLIA_RPC_URL="" 24 | 25 | ATA_RPC_URL="" 26 | ETHEREUM_RPC_URL="" 27 | OP_RPC_URL="" 28 | ARBITRUM_RPC_URL="" 29 | BASE_RPC_URL="" 30 | WORLD_RPC_URL="" 31 | POLYGON_RPC_URL="" 32 | BSC_RPC_URL="" 33 | AVALANCHE_C_RPC_URL="" 34 | -------------------------------------------------------------------------------- /evm/.gitignore: -------------------------------------------------------------------------------- 1 | artifacts/ 2 | cache*/ 3 | **/.DS_Store 4 | out/ 5 | 6 | # Ignores development broadcast logs 7 | broadcast/**/31337/ 8 | broadcast/**/run-*.json 9 | broadcast/**/dry-run/ 10 | !broadcast/**/*-latest.json 11 | 12 | # Ignores local deployment 13 | deployment/31337 -------------------------------------------------------------------------------- /evm/README.md: -------------------------------------------------------------------------------- 1 | # Automata DCAP Attestation on EVM Guide 2 | 3 | ## Integration 4 | 5 | To integrate your contract with Automata DCAP Attestation, you need to first install [Foundry](https://book.getfoundry.sh/getting-started/installation). 6 | 7 | Add to your dependency, by running: 8 | 9 | ```bash 10 | forge install automata-network/automata-dcap-attestation 11 | ``` 12 | 13 | Then, add the following to your `remappings.txt` 14 | 15 | ``` 16 | @automata-network/dcap-attestation/=lib/automata-dcap-attestation/contracts/ 17 | ``` 18 | 19 | ## Example 20 | 21 | ```solidity 22 | import "@automata-network/dcap-attestation/AutomataDcapAttestationFee.sol"; 23 | 24 | contract ExampleDcapContract { 25 | 26 | AutomataDcapAttestationFee attest; 27 | 28 | constructor(address _attest) { 29 | attest = AutomataDcapAttestationFee(_attest); 30 | } 31 | 32 | // On-Chain Attestation example 33 | function attestOnChain(bytes calldata quote) public { 34 | (bool success, bytes memory output) = attest.verifyAndAttestOnChain(quote); 35 | 36 | if (success) { 37 | // ... implementation to handle successful attestations 38 | } else { 39 | string memory errorMessage = string(output); 40 | // ... implementation to handle failed attestations 41 | } 42 | } 43 | 44 | // SNARK Attestation example 45 | // ZkCoProcessorType can either be RiscZero or Succinct 46 | function attestWithSnark( 47 | bytes calldata output, 48 | ZkCoProcessorType zkvm, 49 | bytes calldata proofBytes 50 | ) public 51 | { 52 | (bool success, bytes memory output) = attest.verifyAndAttestWithZKProof( 53 | output, 54 | zkvm, 55 | proofBytes 56 | ); 57 | 58 | if (success) { 59 | // ... implementation to handle successful attestations 60 | } else { 61 | string memory errorMessage = string(output); 62 | // ... implementation to handle failed attestations 63 | } 64 | } 65 | 66 | } 67 | ``` 68 | 69 | --- 70 | 71 | ## BUIDL 🛠️ 72 | 73 | ### Getting Started 74 | 75 | Clone this repo, by running the following command: 76 | 77 | ```bash 78 | git clone https://github.com/automata-network/automata-dcap-attestation.git --recurse-submodules 79 | ``` 80 | 81 | ### Building With Foundry 82 | 83 | Compile the contracts: 84 | 85 | ```bash 86 | forge build 87 | ``` 88 | 89 | Testing the contracts: 90 | 91 | ```bash 92 | forge test 93 | ``` 94 | 95 | To view gas report, pass the `--gas-report` flag. 96 | 97 | To provide additional test cases, please include those in the `/forge-test` directory. 98 | 99 | To provide additional scripts, please include those in the `/forge-script` directory. 100 | 101 | ### Deployment Scripts 102 | 103 | Before beginning with contract deployment, it is recommended that you store your wallet key as an encrypted keystore using [`cast wallet import`](https://book.getfoundry.sh/reference/cast/cast-wallet-import) 104 | 105 | ```bash 106 | cast wallet import -k keystores dcap_prod --interactive 107 | ``` 108 | 109 | You may also simply pass your wallet key to the `PRIVATE_KEY` environment variable, but we do not recommend doing this with production keys. 110 | 111 | #### Deploy the PCCS Router: 112 | 113 | ```bash 114 | make deploy-router RPC_URL= 115 | ``` 116 | 117 | #### Deploy Automata DCAP Attestation Entrypoint: 118 | 119 | ```bash 120 | make deploy-attestation RPC_URL= 121 | ``` 122 | 123 | ### Automata DCAP Entrypoint zkVM Configuration 124 | 125 | | zkVM | zkVM Selector | zkVM Program ID | 126 | | --- | --- | --- | 127 | | RiscZero | 1 | `0x4cf071b3cc25d73e77f430b65f5700dd53522dacc21c1bfc0862b2e46fda3584` | 128 | | SP1 | 2 | `0x0036efd519bb371b29a40322e40031833716e9441c6907f8aefc5e52ceebc9a6` | 129 | 130 | ```bash 131 | make config-zk RPC_URL= ZKVM_SELECTOR= ZKVM_VERIFIER_ADDRESS=
ZKVM_PROGRAM_IDENTIFIER= 132 | ``` 133 | 134 | #### Deploy Quote Verifiers For All Supported Versions: 135 | 136 | ```bash 137 | make deploy-all-verifiers RPC_URL= 138 | ``` 139 | Currently, we only support V3 and V4 quotes. 140 | 141 | #### Deploy Quote Verifier For A Specific Version 142 | 143 | ```bash 144 | make deploy-verifier RPC_URL= QUOTE_VERIFIER_VERSION= 145 | ``` 146 | 147 | #### Add QuoteVerifier(s) to the Entrypoint contract: 148 | 149 | ```bash 150 | make config-verifier RPC_URL= QUOTE_VERIFIER_VERSION= 151 | ``` 152 | 153 | > ℹ️ **NOTE**: This command automatically grants the Quote Verifier read access to the PCCS Router. 154 | 155 | 156 | #### Explicitly Granting or Revoking the access privilege for the specified caller address to the PCCS Router 157 | 158 | ```bash 159 | make config-router RPC_URL= CALLER_ADDRESS=
AUTHORIZED= 160 | ``` 161 | -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/10/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x0cdd2563c2c504186c1df648dc1a89b8a1434c221ce60e2d50788d86f0808f15", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x12", 19 | "chainId": "0xa" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x538e42", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x22a81743b5eb74e54cf62b6879ddd0a9aaee951cb8a94ec334566b36953682cb", 38 | "blockNumber": "0x7f35db0", 39 | "transactionHash": "0x0cdd2563c2c504186c1df648dc1a89b8a1434c221ce60e2d50788d86f0808f15", 40 | "transactionIndex": "0xf", 41 | "logIndex": "0x2b", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x0cdd2563c2c504186c1df648dc1a89b8a1434c221ce60e2d50788d86f0808f15", 48 | "transactionIndex": "0xf", 49 | "blockHash": "0x22a81743b5eb74e54cf62b6879ddd0a9aaee951cb8a94ec334566b36953682cb", 50 | "blockNumber": "0x7f35db0", 51 | "gasUsed": "0xc522", 52 | "effectiveGasPrice": "0x11043", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x146b", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xf79c5", 59 | "l1Fee": "0xe3bc1d73", 60 | "l1GasPrice": "0x1b3b078a", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742378267, 68 | "chain": 10, 69 | "commit": "042a564" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/11155111/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x1380381929969f9e53d07ab1dbb8a12cdde5fdb3b9e0e124a3538ba0a4d2e16f", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee0000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa8", 18 | "nonce": "0x12", 19 | "chainId": "0xaa36a7" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x1b078b5", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x3a309440f41126b5579d234d3af653fae47b1151ba12c6014e8e4f24bb4a6818", 38 | "blockNumber": "0x790f53", 39 | "blockTimestamp": "0x67da75cc", 40 | "transactionHash": "0x1380381929969f9e53d07ab1dbb8a12cdde5fdb3b9e0e124a3538ba0a4d2e16f", 41 | "transactionIndex": "0x8e", 42 | "logIndex": "0x114", 43 | "removed": false 44 | } 45 | ], 46 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 47 | "type": "0x2", 48 | "transactionHash": "0x1380381929969f9e53d07ab1dbb8a12cdde5fdb3b9e0e124a3538ba0a4d2e16f", 49 | "transactionIndex": "0x8e", 50 | "blockHash": "0x3a309440f41126b5579d234d3af653fae47b1151ba12c6014e8e4f24bb4a6818", 51 | "blockNumber": "0x790f53", 52 | "gasUsed": "0xc522", 53 | "effectiveGasPrice": "0xc21017", 54 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 55 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 56 | "contractAddress": null 57 | } 58 | ], 59 | "libraries": [], 60 | "pending": [], 61 | "returns": {}, 62 | "timestamp": 1742370254, 63 | "chain": 11155111, 64 | "commit": "f6d8937" 65 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/11155420/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0xbee2859d8422f89100672aa64b35eb44dd5698ca67c86380530fe362d1cf9087", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x14", 19 | "chainId": "0xaa37dc" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x4f6a0", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x8b9b518815f4202a50ab33df7219a53f70dfdb3c4bf62a84f8eea931ea4750f2", 38 | "blockNumber": "0x181d030", 39 | "transactionHash": "0xbee2859d8422f89100672aa64b35eb44dd5698ca67c86380530fe362d1cf9087", 40 | "transactionIndex": "0x4", 41 | "logIndex": "0x5", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0xbee2859d8422f89100672aa64b35eb44dd5698ca67c86380530fe362d1cf9087", 48 | "transactionIndex": "0x4", 49 | "blockHash": "0x8b9b518815f4202a50ab33df7219a53f70dfdb3c4bf62a84f8eea931ea4750f2", 50 | "blockNumber": "0x181d030", 51 | "gasUsed": "0xc522", 52 | "effectiveGasPrice": "0xf435b", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x1db0", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xd2730", 59 | "l1Fee": "0xeca7c88", 60 | "l1GasPrice": "0x137637a", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742371853, 68 | "chain": 11155420, 69 | "commit": "f6d8937" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/1398243/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0xc0db8f225f795860e496526d8a01238fd14f508adeffb20cf4392c484afe8b1d", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x12", 19 | "chainId": "0x1555e3" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x19128", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x1ea1351bccc76f400d78fe7cd110864e3630ef90f43d969473b4ad498867bd87", 38 | "blockNumber": "0xb34f60", 39 | "transactionHash": "0xc0db8f225f795860e496526d8a01238fd14f508adeffb20cf4392c484afe8b1d", 40 | "transactionIndex": "0x1", 41 | "logIndex": "0x0", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0xc0db8f225f795860e496526d8a01238fd14f508adeffb20cf4392c484afe8b1d", 48 | "transactionIndex": "0x1", 49 | "blockHash": "0x1ea1351bccc76f400d78fe7cd110864e3630ef90f43d969473b4ad498867bd87", 50 | "blockNumber": "0xb34f60", 51 | "gasUsed": "0xc522", 52 | "effectiveGasPrice": "0x2dc9b4", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x558", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xc5fc5", 59 | "l1Fee": "0x111cd2c", 60 | "l1GasPrice": "0x7d176b", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742368416, 68 | "chain": 1398243, 69 | "commit": "f6d8937" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/1398243/configureZk-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x5ce8906c2c9363b31c794f08b7f6c3365d9e79fc0b8c3d8d032e4eca2cbe97d9", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setZkConfiguration(uint8,(bytes32,address))", 9 | "arguments": [ 10 | "1", 11 | "(0x4cf071b3cc25d73e77f430b65f5700dd53522dacc21c1bfc0862b2e46fda3584, 0xaE7F7EC735b6A90366e55f87780b36e7e6Ec3c65)" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 16 | "gas": "0xb5c0", 17 | "value": "0x0", 18 | "input": "0x25e11c7500000000000000000000000000000000000000000000000000000000000000014cf071b3cc25d73e77f430b65f5700dd53522dacc21c1bfc0862b2e46fda3584000000000000000000000000ae7f7ec735b6a90366e55f87780b36e7e6ec3c65", 19 | "nonce": "0x1a", 20 | "chainId": "0x1555e3" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x12ed8", 30 | "logs": [ 31 | { 32 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 33 | "topics": [ 34 | "0xb35538ad1e92ffa864ae8dfa1b6c312bcdb6164cf56a52ad554729a0e6c2d68a", 35 | "0x0000000000000000000000000000000000000000000000000000000000000001" 36 | ], 37 | "data": "0x4cf071b3cc25d73e77f430b65f5700dd53522dacc21c1bfc0862b2e46fda3584000000000000000000000000ae7f7ec735b6a90366e55f87780b36e7e6ec3c65", 38 | "blockHash": "0x0246287fb84064f9368c3fb05b06d2d9881d9c1ac55ab28eba046fd2d87f5583", 39 | "blockNumber": "0xeac22a", 40 | "transactionHash": "0x5ce8906c2c9363b31c794f08b7f6c3365d9e79fc0b8c3d8d032e4eca2cbe97d9", 41 | "transactionIndex": "0x1", 42 | "logIndex": "0x0", 43 | "removed": false 44 | } 45 | ], 46 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000040000004000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000040000000000100000000000000000000000000000000", 47 | "type": "0x2", 48 | "transactionHash": "0x5ce8906c2c9363b31c794f08b7f6c3365d9e79fc0b8c3d8d032e4eca2cbe97d9", 49 | "transactionIndex": "0x1", 50 | "blockHash": "0x0246287fb84064f9368c3fb05b06d2d9881d9c1ac55ab28eba046fd2d87f5583", 51 | "blockNumber": "0xeac22a", 52 | "gasUsed": "0x8396", 53 | "effectiveGasPrice": "0xfd", 54 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 55 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 56 | "contractAddress": null, 57 | "l1BaseFeeScalar": "0x558", 58 | "l1BlobBaseFee": "0x19", 59 | "l1BlobBaseFeeScalar": "0xc5fc5", 60 | "l1Fee": "0xd01054", 61 | "l1GasPrice": "0x5966a2", 62 | "l1GasUsed": "0x6a4" 63 | } 64 | ], 65 | "libraries": [], 66 | "pending": [], 67 | "returns": {}, 68 | "timestamp": 1749636148, 69 | "chain": 1398243, 70 | "commit": "8b31ed9" 71 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/17000/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x12fd3ae8f906b4ebbdcc211728f8307ca862489e267ca7b807e12d7f1b9ef1b0", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee0000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa8", 18 | "nonce": "0x12", 19 | "chainId": "0x4268" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x1aa27a", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0xd10f822438c734aba69fb32db245a3f4d24eea8da1a3f80322a5b2317f750b12", 38 | "blockNumber": "0x35adc5", 39 | "transactionHash": "0x12fd3ae8f906b4ebbdcc211728f8307ca862489e267ca7b807e12d7f1b9ef1b0", 40 | "transactionIndex": "0x6", 41 | "logIndex": "0x8", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x12fd3ae8f906b4ebbdcc211728f8307ca862489e267ca7b807e12d7f1b9ef1b0", 48 | "transactionIndex": "0x6", 49 | "blockHash": "0xd10f822438c734aba69fb32db245a3f4d24eea8da1a3f80322a5b2317f750b12", 50 | "blockNumber": "0x35adc5", 51 | "gasUsed": "0xc522", 52 | "effectiveGasPrice": "0x2efa96", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 55 | "contractAddress": null 56 | } 57 | ], 58 | "libraries": [], 59 | "pending": [], 60 | "returns": {}, 61 | "timestamp": 1742370676, 62 | "chain": 17000, 63 | "commit": "f6d8937" 64 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/421614/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x08f92aaa94a1796cff1dcd847df1de436ef2aee1f88ebc5ee3331ed5f150c794", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x10242", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x14", 19 | "chainId": "0x66eee" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0xc522", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x541e17a4aba5ad1e234ae3ad2bf1b7485a59988c2626ab02556f6ec02f6af574", 38 | "blockNumber": "0x7f8b1b6", 39 | "transactionHash": "0x08f92aaa94a1796cff1dcd847df1de436ef2aee1f88ebc5ee3331ed5f150c794", 40 | "transactionIndex": "0x1", 41 | "logIndex": "0x0", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x08f92aaa94a1796cff1dcd847df1de436ef2aee1f88ebc5ee3331ed5f150c794", 48 | "transactionIndex": "0x1", 49 | "blockHash": "0x541e17a4aba5ad1e234ae3ad2bf1b7485a59988c2626ab02556f6ec02f6af574", 50 | "blockNumber": "0x7f8b1b6", 51 | "gasUsed": "0xc522", 52 | "effectiveGasPrice": "0x5f5e100", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 55 | "contractAddress": null, 56 | "gasUsedForL1": "0x0", 57 | "l1BlockNumber": "0x790fea", 58 | "timeboosted": false 59 | } 60 | ], 61 | "libraries": [], 62 | "pending": [], 63 | "returns": {}, 64 | "timestamp": 1742372083, 65 | "chain": 421614, 66 | "commit": "f6d8937" 67 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/43113/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x6f3672d8d26f127003fc21b53cfefedbd43d682195fa8bd5ad6e0c4a62b76545", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee0000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa8", 18 | "nonce": "0x13", 19 | "chainId": "0xa869" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | }, 24 | { 25 | "hash": "0xc13aae8070a7cbeca320412167fd61d757f4bfbca9c5723f9becab18dcf401bb", 26 | "transactionType": "CALL", 27 | "contractName": null, 28 | "contractAddress": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 29 | "function": "setAuthorized(address,bool)", 30 | "arguments": [ 31 | "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8", 32 | "true" 33 | ], 34 | "transaction": { 35 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 36 | "to": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 37 | "gas": "0x110ac", 38 | "value": "0x0", 39 | "input": "0x711bf9b20000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa80000000000000000000000000000000000000000000000000000000000000001", 40 | "nonce": "0x14", 41 | "chainId": "0xa869" 42 | }, 43 | "additionalContracts": [], 44 | "isFixedGasLimit": false 45 | } 46 | ], 47 | "receipts": [ 48 | { 49 | "status": "0x1", 50 | "cumulativeGasUsed": "0xc522", 51 | "logs": [ 52 | { 53 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 54 | "topics": [ 55 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 56 | "0x0000000000000000000000000000000000000000000000000000000000000004" 57 | ], 58 | "data": "0x", 59 | "blockHash": "0xb4c21f34a1a4431f79574354499661995e20c1ddecd54bb485bf824db862b8bd", 60 | "blockNumber": "0x24ed855", 61 | "transactionHash": "0x6f3672d8d26f127003fc21b53cfefedbd43d682195fa8bd5ad6e0c4a62b76545", 62 | "transactionIndex": "0x0", 63 | "logIndex": "0x0", 64 | "removed": false 65 | } 66 | ], 67 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 68 | "type": "0x2", 69 | "transactionHash": "0x6f3672d8d26f127003fc21b53cfefedbd43d682195fa8bd5ad6e0c4a62b76545", 70 | "transactionIndex": "0x0", 71 | "blockHash": "0xb4c21f34a1a4431f79574354499661995e20c1ddecd54bb485bf824db862b8bd", 72 | "blockNumber": "0x24ed855", 73 | "gasUsed": "0xc522", 74 | "effectiveGasPrice": "0x59682f01", 75 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 76 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 77 | "contractAddress": null 78 | }, 79 | { 80 | "status": "0x1", 81 | "cumulativeGasUsed": "0x17f94", 82 | "logs": [ 83 | { 84 | "address": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 85 | "topics": [ 86 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 87 | ], 88 | "data": "0x0000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa80000000000000000000000000000000000000000000000000000000000000001", 89 | "blockHash": "0xb4c21f34a1a4431f79574354499661995e20c1ddecd54bb485bf824db862b8bd", 90 | "blockNumber": "0x24ed855", 91 | "transactionHash": "0xc13aae8070a7cbeca320412167fd61d757f4bfbca9c5723f9becab18dcf401bb", 92 | "transactionIndex": "0x1", 93 | "logIndex": "0x1", 94 | "removed": false 95 | } 96 | ], 97 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000010000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000", 98 | "type": "0x2", 99 | "transactionHash": "0xc13aae8070a7cbeca320412167fd61d757f4bfbca9c5723f9becab18dcf401bb", 100 | "transactionIndex": "0x1", 101 | "blockHash": "0xb4c21f34a1a4431f79574354499661995e20c1ddecd54bb485bf824db862b8bd", 102 | "blockNumber": "0x24ed855", 103 | "gasUsed": "0xba72", 104 | "effectiveGasPrice": "0x59682f01", 105 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 106 | "to": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 107 | "contractAddress": null 108 | } 109 | ], 110 | "libraries": [], 111 | "pending": [], 112 | "returns": {}, 113 | "timestamp": 1742465504, 114 | "chain": 43113, 115 | "commit": "2c90851" 116 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/8453/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x9bb04d544350e475a64e44d02c85f4d7d0d9898883c138d02c233ccf2af1b74f", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x14", 19 | "chainId": "0x2105" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x21e744b", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x7a61dbda20386d23da22745ea0dacbf1428c40e613567d36df991972a53a35f7", 38 | "blockNumber": "0x1a81dfb", 39 | "blockTimestamp": "0x67da98d9", 40 | "transactionHash": "0x9bb04d544350e475a64e44d02c85f4d7d0d9898883c138d02c233ccf2af1b74f", 41 | "transactionIndex": "0x90", 42 | "logIndex": "0x11f", 43 | "removed": false 44 | } 45 | ], 46 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 47 | "type": "0x2", 48 | "transactionHash": "0x9bb04d544350e475a64e44d02c85f4d7d0d9898883c138d02c233ccf2af1b74f", 49 | "transactionIndex": "0x90", 50 | "blockHash": "0x7a61dbda20386d23da22745ea0dacbf1428c40e613567d36df991972a53a35f7", 51 | "blockNumber": "0x1a81dfb", 52 | "gasUsed": "0xc522", 53 | "effectiveGasPrice": "0x2fbb78", 54 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 55 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 56 | "contractAddress": null, 57 | "l1BaseFeeScalar": "0x8dd", 58 | "l1BlobBaseFee": "0x1", 59 | "l1BlobBaseFeeScalar": "0x101c12", 60 | "l1Fee": "0x5588c73c", 61 | "l1GasPrice": "0x178f8158", 62 | "l1GasUsed": "0x640" 63 | } 64 | ], 65 | "libraries": [], 66 | "pending": [], 67 | "returns": {}, 68 | "timestamp": 1742379227, 69 | "chain": 8453, 70 | "commit": "042a564" 71 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/8453/configureZk-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x1cf8f03728091199e7ee31b7519097796de4e7e81e4bb5d0451fd0e81c73b237", 5 | "transactionType": "CALL", 6 | "contractName": "AutomataDcapAttestationFee", 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setZkConfiguration(uint8,(bytes32,address))", 9 | "arguments": [ 10 | "2", 11 | "(0x0036efd519bb371b29a40322e40031833716e9441c6907f8aefc5e52ceebc9a6, 0xdA9b5A3086e6b648c2e9b75Da4e988Ed41BC0FF8)" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 16 | "gas": "0x193c0", 17 | "value": "0x0", 18 | "input": "0x25e11c7500000000000000000000000000000000000000000000000000000000000000020036efd519bb371b29a40322e40031833716e9441c6907f8aefc5e52ceebc9a6000000000000000000000000da9b5a3086e6b648c2e9b75da4e988ed41bc0ff8", 19 | "nonce": "0x17", 20 | "chainId": "0x2105" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x2450668", 30 | "logs": [ 31 | { 32 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 33 | "topics": [ 34 | "0xb35538ad1e92ffa864ae8dfa1b6c312bcdb6164cf56a52ad554729a0e6c2d68a", 35 | "0x0000000000000000000000000000000000000000000000000000000000000002" 36 | ], 37 | "data": "0x0036efd519bb371b29a40322e40031833716e9441c6907f8aefc5e52ceebc9a6000000000000000000000000da9b5a3086e6b648c2e9b75da4e988ed41bc0ff8", 38 | "blockHash": "0x53c4a6eb27614fc50d6a494b4c264fe3ac9b29139267d805fea90ade7a79ad1d", 39 | "blockNumber": "0x1bfa2e2", 40 | "blockTimestamp": "0x6809a2a7", 41 | "transactionHash": "0x1cf8f03728091199e7ee31b7519097796de4e7e81e4bb5d0451fd0e81c73b237", 42 | "transactionIndex": "0xa0", 43 | "logIndex": "0x1e9", 44 | "removed": false 45 | } 46 | ], 47 | "logsBloom": "0x04000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000080000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000100000000008000000000000000000000", 48 | "type": "0x0", 49 | "transactionHash": "0x1cf8f03728091199e7ee31b7519097796de4e7e81e4bb5d0451fd0e81c73b237", 50 | "transactionIndex": "0xa0", 51 | "blockHash": "0x53c4a6eb27614fc50d6a494b4c264fe3ac9b29139267d805fea90ade7a79ad1d", 52 | "blockNumber": "0x1bfa2e2", 53 | "gasUsed": "0x11412", 54 | "effectiveGasPrice": "0xef9db", 55 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 56 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 57 | "contractAddress": null, 58 | "l1BaseFeeScalar": "0x8dd", 59 | "l1BlobBaseFee": "0x242", 60 | "l1BlobBaseFeeScalar": "0x101c12", 61 | "l1Fee": "0xa3c14b1a", 62 | "l1GasPrice": "0x2b741990", 63 | "l1GasUsed": "0x67c" 64 | } 65 | ], 66 | "libraries": [], 67 | "pending": [], 68 | "returns": {}, 69 | "timestamp": 1745461925, 70 | "chain": 8453, 71 | "commit": "5252503" 72 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/84532/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x6939dcb48f87b96991e4f86c3e7eac4ab4d553350d4ab6ba14c7182bd89a4a7d", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x12", 19 | "chainId": "0x14a34" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | } 24 | ], 25 | "receipts": [ 26 | { 27 | "status": "0x1", 28 | "cumulativeGasUsed": "0x7bf8c6", 29 | "logs": [ 30 | { 31 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 32 | "topics": [ 33 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 34 | "0x0000000000000000000000000000000000000000000000000000000000000004" 35 | ], 36 | "data": "0x", 37 | "blockHash": "0x7a21e1916c5324084f6fb463f66c8e10880f426251a0b9b1987b3240a00db541", 38 | "blockNumber": "0x1638d0e", 39 | "transactionHash": "0x6939dcb48f87b96991e4f86c3e7eac4ab4d553350d4ab6ba14c7182bd89a4a7d", 40 | "transactionIndex": "0x26", 41 | "logIndex": "0xb9", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x6939dcb48f87b96991e4f86c3e7eac4ab4d553350d4ab6ba14c7182bd89a4a7d", 48 | "transactionIndex": "0x26", 49 | "blockHash": "0x7a21e1916c5324084f6fb463f66c8e10880f426251a0b9b1987b3240a00db541", 50 | "blockNumber": "0x1638d0e", 51 | "gasUsed": "0xc522", 52 | "effectiveGasPrice": "0x7d6ce14", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x44d", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xa118b", 59 | "l1Fee": "0x1827f5e", 60 | "l1GasPrice": "0xdb669e", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742371070, 68 | "chain": 84532, 69 | "commit": "f6d8937" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/AttestationScript.s.sol/97/configVerifier-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0xb390797a6358ad2aa92a5716aa967ae2d39f1d26ec2df420c1fcd427ac0af43f", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 8 | "function": "setQuoteVerifier(address)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 11 | ], 12 | "transaction": { 13 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 14 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 15 | "gas": "0x1204e", 16 | "value": "0x0", 17 | "input": "0xce3fe7ee000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb", 18 | "nonce": "0x13", 19 | "chainId": "0x61" 20 | }, 21 | "additionalContracts": [], 22 | "isFixedGasLimit": false 23 | }, 24 | { 25 | "hash": "0x71a85413cc26936a671e1640a500126b4970f7fbac8f872cfa67bd8af579eac8", 26 | "transactionType": "CALL", 27 | "contractName": null, 28 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 29 | "function": "setAuthorized(address,bool)", 30 | "arguments": [ 31 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 32 | "true" 33 | ], 34 | "transaction": { 35 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 36 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 37 | "gas": "0x110ac", 38 | "value": "0x0", 39 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 40 | "nonce": "0x14", 41 | "chainId": "0x61" 42 | }, 43 | "additionalContracts": [], 44 | "isFixedGasLimit": false 45 | } 46 | ], 47 | "receipts": [ 48 | { 49 | "status": "0x1", 50 | "cumulativeGasUsed": "0x41432", 51 | "logs": [ 52 | { 53 | "address": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 54 | "topics": [ 55 | "0x7e5c4b82142a1c29b046d2a0dfe9550098e0d2e1479fdd947483b3bb1ea4e6b3", 56 | "0x0000000000000000000000000000000000000000000000000000000000000004" 57 | ], 58 | "data": "0x", 59 | "blockHash": "0xbf8e151c4a75302d347d7208e4a3914de20c53915efd17c464d2eb7c8e00dece", 60 | "blockNumber": "0x2ef74a1", 61 | "transactionHash": "0xb390797a6358ad2aa92a5716aa967ae2d39f1d26ec2df420c1fcd427ac0af43f", 62 | "transactionIndex": "0x1", 63 | "logIndex": "0x4", 64 | "removed": false 65 | } 66 | ], 67 | "logsBloom": "0x00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000040000000000000000000000000000000100000000000000004000000000000008000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 68 | "type": "0x0", 69 | "transactionHash": "0xb390797a6358ad2aa92a5716aa967ae2d39f1d26ec2df420c1fcd427ac0af43f", 70 | "transactionIndex": "0x1", 71 | "blockHash": "0xbf8e151c4a75302d347d7208e4a3914de20c53915efd17c464d2eb7c8e00dece", 72 | "blockNumber": "0x2ef74a1", 73 | "gasUsed": "0xc522", 74 | "effectiveGasPrice": "0x2540be400", 75 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 76 | "to": "0x95175096a9b74165be0ac84260cc14fc1c0ef5ff", 77 | "contractAddress": null 78 | }, 79 | { 80 | "status": "0x1", 81 | "cumulativeGasUsed": "0x4cea4", 82 | "logs": [ 83 | { 84 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 85 | "topics": [ 86 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 87 | ], 88 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 89 | "blockHash": "0xbf8e151c4a75302d347d7208e4a3914de20c53915efd17c464d2eb7c8e00dece", 90 | "blockNumber": "0x2ef74a1", 91 | "transactionHash": "0x71a85413cc26936a671e1640a500126b4970f7fbac8f872cfa67bd8af579eac8", 92 | "transactionIndex": "0x2", 93 | "logIndex": "0x5", 94 | "removed": false 95 | } 96 | ], 97 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 98 | "type": "0x0", 99 | "transactionHash": "0x71a85413cc26936a671e1640a500126b4970f7fbac8f872cfa67bd8af579eac8", 100 | "transactionIndex": "0x2", 101 | "blockHash": "0xbf8e151c4a75302d347d7208e4a3914de20c53915efd17c464d2eb7c8e00dece", 102 | "blockNumber": "0x2ef74a1", 103 | "gasUsed": "0xba72", 104 | "effectiveGasPrice": "0x2540be400", 105 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 106 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 107 | "contractAddress": null 108 | } 109 | ], 110 | "libraries": [], 111 | "pending": [], 112 | "returns": {}, 113 | "timestamp": 1742465606, 114 | "chain": 97, 115 | "commit": "2c90851" 116 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/10/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0xca9b7f283a452a8866811b8b8740b2b6265f8748088cf48f02391f2ac24fbf52", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x14", 20 | "chainId": "0xa" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x6cac79", 30 | "logs": [ 31 | { 32 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0xe00c9e1cb17420f8ad944b29b99b593ed44df02575b71568eea2859af131604e", 38 | "blockNumber": "0x7f35dd0", 39 | "transactionHash": "0xca9b7f283a452a8866811b8b8740b2b6265f8748088cf48f02391f2ac24fbf52", 40 | "transactionIndex": "0x11", 41 | "logIndex": "0x14", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0xca9b7f283a452a8866811b8b8740b2b6265f8748088cf48f02391f2ac24fbf52", 48 | "transactionIndex": "0x11", 49 | "blockHash": "0xe00c9e1cb17420f8ad944b29b99b593ed44df02575b71568eea2859af131604e", 50 | "blockNumber": "0x7f35dd0", 51 | "gasUsed": "0xba72", 52 | "effectiveGasPrice": "0x11272", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x146b", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xf79c5", 59 | "l1Fee": "0xdc18e33e", 60 | "l1GasPrice": "0x1a513d75", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742378330, 68 | "chain": 10, 69 | "commit": "042a564" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/11155111/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x9ec044d45594ce79a4a3c74f21706ace68656ea4b6f1e144a2334184118fc530", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b20000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa80000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x14", 20 | "chainId": "0xaa36a7" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0xadbbc7", 30 | "logs": [ 31 | { 32 | "address": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x0000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa80000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0xf3e55e6f6286ddbcd547435c58d9fa4bdbe59032e68efc3aa7979a5eda0285d0", 38 | "blockNumber": "0x790f60", 39 | "blockTimestamp": "0x67da7668", 40 | "transactionHash": "0x9ec044d45594ce79a4a3c74f21706ace68656ea4b6f1e144a2334184118fc530", 41 | "transactionIndex": "0x7b", 42 | "logIndex": "0xb9", 43 | "removed": false 44 | } 45 | ], 46 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000010000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000", 47 | "type": "0x2", 48 | "transactionHash": "0x9ec044d45594ce79a4a3c74f21706ace68656ea4b6f1e144a2334184118fc530", 49 | "transactionIndex": "0x7b", 50 | "blockHash": "0xf3e55e6f6286ddbcd547435c58d9fa4bdbe59032e68efc3aa7979a5eda0285d0", 51 | "blockNumber": "0x790f60", 52 | "gasUsed": "0xba72", 53 | "effectiveGasPrice": "0xed2bb9", 54 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 55 | "to": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 56 | "contractAddress": null 57 | } 58 | ], 59 | "libraries": [], 60 | "pending": [], 61 | "returns": {}, 62 | "timestamp": 1742370408, 63 | "chain": 11155111, 64 | "commit": "f6d8937" 65 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/11155420/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x9e252795403c974a7d0c29ac0faf8e36f52f89f81452c4648cd62689f426984f", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x12", 20 | "chainId": "0xaa37dc" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x6c1ce1", 30 | "logs": [ 31 | { 32 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0x37fb6b426f8002e1733284cb61be4d514c763aa9b41a01f6b4d31f31660b5cf1", 38 | "blockNumber": "0x181d006", 39 | "transactionHash": "0x9e252795403c974a7d0c29ac0faf8e36f52f89f81452c4648cd62689f426984f", 40 | "transactionIndex": "0x5", 41 | "logIndex": "0x26", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x9e252795403c974a7d0c29ac0faf8e36f52f89f81452c4648cd62689f426984f", 48 | "transactionIndex": "0x5", 49 | "blockHash": "0x37fb6b426f8002e1733284cb61be4d514c763aa9b41a01f6b4d31f31660b5cf1", 50 | "blockNumber": "0x181d006", 51 | "gasUsed": "0xba72", 52 | "effectiveGasPrice": "0xf435c", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x1db0", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xd2730", 59 | "l1Fee": "0xdca45d3", 60 | "l1GasPrice": "0x1225181", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742371770, 68 | "chain": 11155420, 69 | "commit": "f6d8937" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/1398243/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x0d1800f195bebe2946becdc6e054348320b6dfdf87bd7252d3ea452c2adcc52d", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x14", 20 | "chainId": "0x1555e3" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x165b4", 30 | "logs": [ 31 | { 32 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0x992f44f0a6006bd78122f4b07023794cf3d9ea6f00b246852e5946c15b46b6fc", 38 | "blockNumber": "0xb34f8b", 39 | "transactionHash": "0x0d1800f195bebe2946becdc6e054348320b6dfdf87bd7252d3ea452c2adcc52d", 40 | "transactionIndex": "0x1", 41 | "logIndex": "0x0", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x0d1800f195bebe2946becdc6e054348320b6dfdf87bd7252d3ea452c2adcc52d", 48 | "transactionIndex": "0x1", 49 | "blockHash": "0x992f44f0a6006bd78122f4b07023794cf3d9ea6f00b246852e5946c15b46b6fc", 50 | "blockNumber": "0xb34f8b", 51 | "gasUsed": "0xba72", 52 | "effectiveGasPrice": "0xfd", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x558", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xc5fc5", 59 | "l1Fee": "0xfd2a85", 60 | "l1GasPrice": "0x73a9ed", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742368502, 68 | "chain": 1398243, 69 | "commit": "f6d8937" 70 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/17000/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0xc57f3c5666dde9c38d88776cde6ea19df5d99929132330bc24fa881c43a1136b", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b20000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa80000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x14", 20 | "chainId": "0x4268" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x1836fe5", 30 | "logs": [ 31 | { 32 | "address": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x0000000000000000000000001a9e873c041f566fcbadbd9e1358095b7ea12aa80000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0xd35ea59b2dc86c0620dc3c5c37771c0f9090d1ef1c5f1e792f0628db0ab1bddb", 38 | "blockNumber": "0x35adca", 39 | "transactionHash": "0xc57f3c5666dde9c38d88776cde6ea19df5d99929132330bc24fa881c43a1136b", 40 | "transactionIndex": "0x8", 41 | "logIndex": "0x1a7", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000010000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0xc57f3c5666dde9c38d88776cde6ea19df5d99929132330bc24fa881c43a1136b", 48 | "transactionIndex": "0x8", 49 | "blockHash": "0xd35ea59b2dc86c0620dc3c5c37771c0f9090d1ef1c5f1e792f0628db0ab1bddb", 50 | "blockNumber": "0x35adca", 51 | "gasUsed": "0xba72", 52 | "effectiveGasPrice": "0x2c3db2", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0xe20c4d54afbbea5123728d5b7dacd9cb3c65c39a", 55 | "contractAddress": null 56 | } 57 | ], 58 | "libraries": [], 59 | "pending": [], 60 | "returns": {}, 61 | "timestamp": 1742370746, 62 | "chain": 17000, 63 | "commit": "f6d8937" 64 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/421614/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x6e0aa52ae465f8b16eccd5a3bb11fb6a114d8e39b344319891b6430135111098", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 16 | "gas": "0xf455", 17 | "value": "0x0", 18 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x12", 20 | "chainId": "0x66eee" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x1dde1", 30 | "logs": [ 31 | { 32 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0x37218e228143527d1180a379fdfa6ba9970edcc751a14d922a3bf112ad203006", 38 | "blockNumber": "0x7f8b0eb", 39 | "transactionHash": "0x6e0aa52ae465f8b16eccd5a3bb11fb6a114d8e39b344319891b6430135111098", 40 | "transactionIndex": "0x2", 41 | "logIndex": "0x1", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x6e0aa52ae465f8b16eccd5a3bb11fb6a114d8e39b344319891b6430135111098", 48 | "transactionIndex": "0x2", 49 | "blockHash": "0x37218e228143527d1180a379fdfa6ba9970edcc751a14d922a3bf112ad203006", 50 | "blockNumber": "0x7f8b0eb", 51 | "gasUsed": "0xba72", 52 | "effectiveGasPrice": "0x5f5e100", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 55 | "contractAddress": null, 56 | "gasUsedForL1": "0x0", 57 | "l1BlockNumber": "0x790fe6", 58 | "timeboosted": false 59 | } 60 | ], 61 | "libraries": [], 62 | "pending": [], 63 | "returns": {}, 64 | "timestamp": 1742372029, 65 | "chain": 421614, 66 | "commit": "f6d8937" 67 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/8453/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x98a3af5b539f08a400c0dad813497ce6e42dbbf56a8c123babe98288d95b4b41", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x12", 20 | "chainId": "0x2105" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0x28795b0", 30 | "logs": [ 31 | { 32 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0xd1aa187d78d3dfa8d3450794e85b02fe2a0c88696056a69287914b45c8b94db3", 38 | "blockNumber": "0x1a81deb", 39 | "blockTimestamp": "0x67da98b9", 40 | "transactionHash": "0x98a3af5b539f08a400c0dad813497ce6e42dbbf56a8c123babe98288d95b4b41", 41 | "transactionIndex": "0x91", 42 | "logIndex": "0x1ba", 43 | "removed": false 44 | } 45 | ], 46 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 47 | "type": "0x2", 48 | "transactionHash": "0x98a3af5b539f08a400c0dad813497ce6e42dbbf56a8c123babe98288d95b4b41", 49 | "transactionIndex": "0x91", 50 | "blockHash": "0xd1aa187d78d3dfa8d3450794e85b02fe2a0c88696056a69287914b45c8b94db3", 51 | "blockNumber": "0x1a81deb", 52 | "gasUsed": "0xba72", 53 | "effectiveGasPrice": "0x31f0fa", 54 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 55 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 56 | "contractAddress": null, 57 | "l1BaseFeeScalar": "0x8dd", 58 | "l1BlobBaseFee": "0x1", 59 | "l1BlobBaseFeeScalar": "0x101c12", 60 | "l1Fee": "0x5b814747", 61 | "l1GasPrice": "0x19348885", 62 | "l1GasUsed": "0x640" 63 | } 64 | ], 65 | "libraries": [], 66 | "pending": [], 67 | "returns": {}, 68 | "timestamp": 1742379194, 69 | "chain": 8453, 70 | "commit": "042a564" 71 | } -------------------------------------------------------------------------------- /evm/broadcast/DeployRouter.s.sol/84532/setAuthorizedCaller-latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "transactions": [ 3 | { 4 | "hash": "0x3fbe9c84c6fbf0cc1e2238febaf66eaf56c13da80fcef9ff9a6cf4c4e3d9c241", 5 | "transactionType": "CALL", 6 | "contractName": null, 7 | "contractAddress": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 8 | "function": "setAuthorized(address,bool)", 9 | "arguments": [ 10 | "0xD34Cf419AF06629e158DB5F67541AaF2230290FB", 11 | "true" 12 | ], 13 | "transaction": { 14 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 15 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 16 | "gas": "0x110ac", 17 | "value": "0x0", 18 | "input": "0x711bf9b2000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 19 | "nonce": "0x14", 20 | "chainId": "0x14a34" 21 | }, 22 | "additionalContracts": [], 23 | "isFixedGasLimit": false 24 | } 25 | ], 26 | "receipts": [ 27 | { 28 | "status": "0x1", 29 | "cumulativeGasUsed": "0xc96f23", 30 | "logs": [ 31 | { 32 | "address": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 33 | "topics": [ 34 | "0xe8ac88ef3e26c9d4c7d829737fcaab2c820d959a78440d0ed44e54aa341ee1fd" 35 | ], 36 | "data": "0x000000000000000000000000d34cf419af06629e158db5f67541aaf2230290fb0000000000000000000000000000000000000000000000000000000000000001", 37 | "blockHash": "0x8e71b975bf339ab89bda98002b827d00047e2739bf94e8644727274a943d5e79", 38 | "blockNumber": "0x1638dd6", 39 | "transactionHash": "0x3fbe9c84c6fbf0cc1e2238febaf66eaf56c13da80fcef9ff9a6cf4c4e3d9c241", 40 | "transactionIndex": "0x3c", 41 | "logIndex": "0x14e", 42 | "removed": false 43 | } 44 | ], 45 | "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000", 46 | "type": "0x2", 47 | "transactionHash": "0x3fbe9c84c6fbf0cc1e2238febaf66eaf56c13da80fcef9ff9a6cf4c4e3d9c241", 48 | "transactionIndex": "0x3c", 49 | "blockHash": "0x8e71b975bf339ab89bda98002b827d00047e2739bf94e8644727274a943d5e79", 50 | "blockNumber": "0x1638dd6", 51 | "gasUsed": "0xba72", 52 | "effectiveGasPrice": "0x7d34638", 53 | "from": "0xdf841b239be7a6b37366005107069b7410da4ff9", 54 | "to": "0x0d089b3fa00cbad0a5098025519e9e4620622acf", 55 | "contractAddress": null, 56 | "l1BaseFeeScalar": "0x44d", 57 | "l1BlobBaseFee": "0x1", 58 | "l1BlobBaseFeeScalar": "0xa118b", 59 | "l1Fee": "0x1a8d588", 60 | "l1GasPrice": "0xf129c8", 61 | "l1GasUsed": "0x640" 62 | } 63 | ], 64 | "libraries": [], 65 | "pending": [], 66 | "returns": {}, 67 | "timestamp": 1742371469, 68 | "chain": 84532, 69 | "commit": "f6d8937" 70 | } -------------------------------------------------------------------------------- /evm/contracts/AutomataDcapAttestationFee.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import "./AttestationEntrypointBase.sol"; 5 | import "./bases/FeeManagerBase.sol"; 6 | 7 | /** 8 | * @title Automata DCAP Attestation With Fee 9 | * @notice This contract collects a fee, based on a certain % of transaction fee 10 | * needed to perform DCAP attestation. 11 | */ 12 | contract AutomataDcapAttestationFee is FeeManagerBase, AttestationEntrypointBase { 13 | constructor(address owner) AttestationEntrypointBase(owner) {} 14 | 15 | function setBp(uint16 _newBp) public override onlyOwner { 16 | super.setBp(_newBp); 17 | } 18 | 19 | function withdraw(address beneficiary, uint256 amount) public override onlyOwner { 20 | super.withdraw(beneficiary, amount); 21 | } 22 | 23 | function verifyAndAttestOnChain(bytes calldata rawQuote) 24 | external 25 | payable 26 | collectFee 27 | returns (bool success, bytes memory output) 28 | { 29 | (success, output) = _verifyAndAttestOnChain(rawQuote); 30 | } 31 | 32 | function verifyAndAttestWithZKProof( 33 | bytes calldata output, 34 | ZkCoProcessorType zkCoprocessor, 35 | bytes calldata proofBytes 36 | ) external payable collectFee returns (bool success, bytes memory verifiedOutput) { 37 | (success, verifiedOutput) = _verifyAndAttestWithZKProof(output, zkCoprocessor, proofBytes); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /evm/contracts/bases/EnclaveIdBase.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import { 5 | IdentityObj, 6 | EnclaveId, 7 | Tcb, 8 | EnclaveIdTcbStatus 9 | } from "@automata-network/on-chain-pccs/helpers/EnclaveIdentityHelper.sol"; 10 | 11 | abstract contract EnclaveIdBase { 12 | /// @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/Verifiers/EnclaveReportVerifier.cpp#L47-L113 13 | function verifyQEReportWithIdentity( 14 | IdentityObj memory identity, 15 | bytes4 enclaveReportMiscselect, 16 | bytes16 enclaveReportAttributes, 17 | bytes32 enclaveReportMrsigner, 18 | uint16 enclaveReportIsvprodid, 19 | uint16 enclaveReportIsvSvn 20 | ) internal pure returns (bool, EnclaveIdTcbStatus status) { 21 | bool miscselectMatched = enclaveReportMiscselect & identity.miscselectMask == identity.miscselect; 22 | bool attributesMatched = enclaveReportAttributes & identity.attributesMask == identity.attributes; 23 | bool mrsignerMatched = enclaveReportMrsigner == identity.mrsigner; 24 | bool isvprodidMatched = enclaveReportIsvprodid == identity.isvprodid; 25 | 26 | bool tcbFound; 27 | for (uint256 i = 0; i < identity.tcb.length; i++) { 28 | if (identity.tcb[i].isvsvn <= enclaveReportIsvSvn) { 29 | tcbFound = true; 30 | status = identity.tcb[i].status; 31 | break; 32 | } 33 | } 34 | return (miscselectMatched && attributesMatched && mrsignerMatched && isvprodidMatched && tcbFound, status); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /evm/contracts/bases/FeeManagerBase.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | abstract contract FeeManagerBase { 5 | uint16 constant MAX_BP = 10_000; 6 | 7 | uint16 _feeBP; // the percentage of gas fee in basis point; 8 | 9 | // 1356a63b 10 | error BP_Not_Valid(); 11 | // 9bb42d4b 12 | error Insufficient_Funds(); 13 | // c40a532b 14 | error Withdrawal_Failed(); 15 | 16 | /// @dev access-controlled 17 | function setBp(uint16 _newBp) public virtual { 18 | if (_newBp > MAX_BP) { 19 | revert BP_Not_Valid(); 20 | } 21 | _feeBP = _newBp; 22 | } 23 | 24 | function getBp() public view returns (uint16) { 25 | return _feeBP; 26 | } 27 | 28 | function withdraw(address beneficiary, uint256 amount) public virtual { 29 | if (amount > address(this).balance) { 30 | revert Insufficient_Funds(); 31 | } 32 | 33 | _refund(beneficiary, amount); 34 | } 35 | 36 | modifier collectFee() { 37 | uint256 txFee; 38 | if (_feeBP > 0) { 39 | uint256 gasBefore = gasleft(); 40 | _; 41 | uint256 gasAfter = gasleft(); 42 | txFee = ((gasBefore - gasAfter) * tx.gasprice * _feeBP) / MAX_BP; 43 | if (msg.value < txFee) { 44 | revert Insufficient_Funds(); 45 | } 46 | } else { 47 | _; 48 | } 49 | 50 | // refund excess 51 | if (msg.value > 0) { 52 | uint256 excess = msg.value - txFee; 53 | if (excess > 0) { 54 | // refund the sender, rather than the caller 55 | // @dev may fail subsequent call(s), if the caller were a contract 56 | // that might need to make subsequent calls requiring ETh transfers 57 | _refund(tx.origin, excess); 58 | } 59 | } 60 | } 61 | 62 | function _refund(address recipient, uint256 amount) private { 63 | (bool success,) = recipient.call{value: amount}(""); 64 | if (!success) { 65 | revert Withdrawal_Failed(); 66 | } 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /evm/contracts/bases/TDXModuleBase.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import {BytesUtils} from "../utils/BytesUtils.sol"; 5 | 6 | import {TCBStatus} from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol"; 7 | 8 | abstract contract TDXModuleBase { 9 | using BytesUtils for bytes; 10 | 11 | function checkTdxModule( 12 | bytes memory mrsignerSeam, 13 | bytes memory expectedMrsignerSeam, 14 | bytes8 seamAttributes, 15 | bytes8 expectedSeamAttributes 16 | ) internal pure returns (bool) { 17 | return mrsignerSeam.equals(expectedMrsignerSeam) && seamAttributes == expectedSeamAttributes; 18 | } 19 | 20 | /// @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/7e5b2a13ca5472de8d97dd7d7024c2ea5af9a6ba/Src/AttestationLibrary/src/Verifiers/Checks/TdxModuleCheck.cpp#L99-L135 21 | function convergeTcbStatusWithTdxModuleStatus(TCBStatus tcbStatus, TCBStatus tdxModuleStatus) 22 | internal 23 | pure 24 | returns (TCBStatus convergedStatus) 25 | { 26 | if (tdxModuleStatus == TCBStatus.TCB_OUT_OF_DATE) { 27 | if (tcbStatus == TCBStatus.OK || tcbStatus == TCBStatus.TCB_SW_HARDENING_NEEDED) { 28 | convergedStatus = TCBStatus.TCB_OUT_OF_DATE; 29 | } 30 | if ( 31 | tcbStatus == TCBStatus.TCB_CONFIGURATION_NEEDED 32 | || tcbStatus == TCBStatus.TCB_CONFIGURATION_AND_SW_HARDENING_NEEDED 33 | ) { 34 | convergedStatus = TCBStatus.TCB_OUT_OF_DATE_CONFIGURATION_NEEDED; 35 | } 36 | } else { 37 | convergedStatus = tcbStatus; 38 | } 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /evm/contracts/bases/tcb/TCBInfoV2Base.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import {TCBLevelsObj, TCBStatus} from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol"; 5 | import {EnclaveIdTcbStatus} from "@automata-network/on-chain-pccs/helpers/EnclaveIdentityHelper.sol"; 6 | import {LibString} from "solady/utils/LibString.sol"; 7 | import {PCKCertTCB} from "../../types/CommonStruct.sol"; 8 | 9 | abstract contract TCBInfoV2Base { 10 | using LibString for string; 11 | 12 | // https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/e7604e02331b3377f3766ed3653250e03af72d45/QuoteVerification/QVL/Src/AttestationLibrary/src/CertVerification/X509Constants.h#L64 13 | uint256 internal constant CPUSVN_LENGTH = 16; 14 | 15 | function getSGXTcbStatus(PCKCertTCB memory pckTcb, TCBLevelsObj memory current) 16 | internal 17 | pure 18 | returns (bool, TCBStatus status) 19 | { 20 | bool pceSvnIsHigherOrGreater; 21 | bool cpuSvnsAreHigherOrGreater; 22 | (pceSvnIsHigherOrGreater, cpuSvnsAreHigherOrGreater) = _checkSgxCpuSvns(pckTcb, current); 23 | status = current.status; 24 | bool statusFound = pceSvnIsHigherOrGreater && cpuSvnsAreHigherOrGreater; 25 | return (statusFound, statusFound ? status : TCBStatus.TCB_UNRECOGNIZED); 26 | } 27 | 28 | function _checkSgxCpuSvns(PCKCertTCB memory pckTcb, TCBLevelsObj memory tcbLevel) 29 | internal 30 | pure 31 | returns (bool, bool) 32 | { 33 | bool pceSvnIsHigherOrGreater = pckTcb.pcesvn >= tcbLevel.pcesvn; 34 | bool cpuSvnsAreHigherOrGreater = _isCpuSvnHigherOrGreater(pckTcb.cpusvns, tcbLevel.sgxComponentCpuSvns); 35 | return (pceSvnIsHigherOrGreater, cpuSvnsAreHigherOrGreater); 36 | } 37 | 38 | function _isCpuSvnHigherOrGreater(uint8[] memory pckCpuSvns, uint8[] memory tcbCpuSvns) 39 | internal 40 | pure 41 | returns (bool) 42 | { 43 | if (pckCpuSvns.length != CPUSVN_LENGTH || tcbCpuSvns.length != CPUSVN_LENGTH) { 44 | return false; 45 | } 46 | for (uint256 i = 0; i < CPUSVN_LENGTH; i++) { 47 | if (uint256(pckCpuSvns[i]) < tcbCpuSvns[i]) { 48 | return false; 49 | } 50 | } 51 | return true; 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /evm/contracts/bases/tcb/TCBInfoV3Base.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import { 5 | TcbId, 6 | TDXModule, 7 | TDXModuleIdentity, 8 | TDXModuleTCBLevelsObj 9 | } from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol"; 10 | import {BELE} from "../../utils/BELE.sol"; 11 | import "./TCBInfoV2Base.sol"; 12 | 13 | abstract contract TCBInfoV3Base is TCBInfoV2Base { 14 | using LibString for string; 15 | 16 | uint256 constant TCB_LEVEL_ERROR = type(uint256).max; 17 | 18 | /// @dev Modified from https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/7e5b2a13ca5472de8d97dd7d7024c2ea5af9a6ba/Src/AttestationLibrary/src/Verifiers/Checks/TcbLevelCheck.cpp#L129-L181 19 | function getTDXTcbStatus(TCBLevelsObj[] memory tcbLevels, PCKCertTCB memory pckTcb, bytes16 teeTcbSvn) 20 | internal 21 | pure 22 | returns (bool tdxTcbFound, TCBStatus status, uint256 tcbLevelSelected) 23 | { 24 | bool pceSvnIsHigherOrGreater; 25 | bool cpuSvnsAreHigherOrGreater; 26 | bool sgxTcbFound; 27 | TCBStatus sgxStatus; 28 | for (uint256 i = 0; i < tcbLevels.length; i++) { 29 | TCBLevelsObj memory current = tcbLevels[i]; 30 | if (!sgxTcbFound) { 31 | (pceSvnIsHigherOrGreater, cpuSvnsAreHigherOrGreater) = _checkSgxCpuSvns(pckTcb, current); 32 | } 33 | if (pceSvnIsHigherOrGreater && cpuSvnsAreHigherOrGreater) { 34 | sgxTcbFound = true; 35 | sgxStatus = current.status; 36 | } 37 | if (sgxTcbFound && sgxStatus != TCBStatus.TCB_REVOKED) { 38 | if (teeTcbSvn != bytes16(0)) { 39 | if (_isTdxTcbHigherOrEqual(teeTcbSvn, current.tdxComponentCpuSvns)) { 40 | tdxTcbFound = true; 41 | status = current.status; 42 | tcbLevelSelected = i; 43 | } 44 | } else { 45 | break; 46 | } 47 | } else if (sgxStatus == TCBStatus.TCB_REVOKED) { 48 | return (false, TCBStatus.TCB_REVOKED, TCB_LEVEL_ERROR); 49 | } 50 | if (tdxTcbFound) { 51 | break; 52 | } 53 | } 54 | 55 | if (!tdxTcbFound) { 56 | return (false, TCBStatus.TCB_UNRECOGNIZED, TCB_LEVEL_ERROR); 57 | } 58 | } 59 | 60 | /// @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/7e5b2a13ca5472de8d97dd7d7024c2ea5af9a6ba/Src/AttestationLibrary/src/Verifiers/Checks/TdxModuleCheck.cpp#L62-L97 61 | function checkTdxModuleTcbStatus(bytes16 teeTcbSvn, TDXModuleIdentity[] memory tdxModuleIdentities) 62 | internal 63 | pure 64 | returns (bool, TCBStatus, uint8, bytes memory, bytes8) 65 | { 66 | uint8 tdxModuleIsvSvn = uint8(teeTcbSvn[0]); 67 | uint8 tdxModuleVersion = uint8(teeTcbSvn[1]); 68 | bytes memory expectedMrSignerSeam; 69 | bytes8 expectedSeamAttributes; 70 | 71 | if (tdxModuleVersion == 0) { 72 | return (true, TCBStatus.OK, tdxModuleVersion, expectedMrSignerSeam, expectedSeamAttributes); 73 | } 74 | 75 | string memory tdxModuleIdentityId = string( 76 | abi.encodePacked(bytes("TDX_"), bytes(LibString.toHexStringNoPrefix(abi.encodePacked(tdxModuleVersion)))) 77 | ); 78 | 79 | bool tdxModuleIdentityFound; 80 | TCBStatus moduleStatus; 81 | 82 | for (uint256 i = 0; i < tdxModuleIdentities.length; i++) { 83 | TDXModuleIdentity memory currId = tdxModuleIdentities[i]; 84 | if (tdxModuleIdentityId.eq(currId.id)) { 85 | TDXModuleTCBLevelsObj[] memory tdxModuleTcbLevels = currId.tcbLevels; 86 | for (uint256 j = 0; j < tdxModuleTcbLevels.length; j++) { 87 | if (tdxModuleIsvSvn >= uint8(tdxModuleTcbLevels[j].isvsvn)) { 88 | tdxModuleIdentityFound = true; 89 | moduleStatus = tdxModuleTcbLevels[j].status; 90 | expectedMrSignerSeam = currId.mrsigner; 91 | expectedSeamAttributes = currId.attributes; 92 | break; 93 | } 94 | } 95 | break; 96 | } 97 | } 98 | 99 | if (tdxModuleIdentityFound) { 100 | return (true, moduleStatus, tdxModuleVersion, expectedMrSignerSeam, expectedSeamAttributes); 101 | } else { 102 | return (false, TCBStatus.TCB_UNRECOGNIZED, tdxModuleVersion, expectedMrSignerSeam, expectedSeamAttributes); 103 | } 104 | } 105 | 106 | function _isTdxTcbHigherOrEqual(bytes16 teeTcbSvn, uint8[] memory tdxComponentCpuSvns) 107 | internal 108 | pure 109 | returns (bool) 110 | { 111 | if (tdxComponentCpuSvns.length != CPUSVN_LENGTH) { 112 | return false; 113 | } 114 | 115 | for (uint256 i = 0; i < CPUSVN_LENGTH; i++) { 116 | if (uint8(teeTcbSvn[i]) < uint8(tdxComponentCpuSvns[i])) { 117 | return false; 118 | } 119 | } 120 | 121 | return true; 122 | } 123 | } 124 | -------------------------------------------------------------------------------- /evm/contracts/interfaces/IPCCSRouter.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0; 3 | 4 | import { 5 | EnclaveIdentityJsonObj, 6 | IdentityObj, 7 | EnclaveId 8 | } from "@automata-network/on-chain-pccs/helpers/EnclaveIdentityHelper.sol"; 9 | import { 10 | TcbInfoJsonObj, 11 | TCBLevelsObj, 12 | TcbInfoBasic, 13 | TcbId, 14 | TDXModule, 15 | TDXModuleIdentity 16 | } from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol"; 17 | import {CA} from "@automata-network/on-chain-pccs/bases/PcsDao.sol"; 18 | 19 | /** 20 | * @title PCCS Router Interface 21 | * @notice The PCCS Router is a central contract that serves all other contracts in the network 22 | * to fetch collaterals from the On Chain PCCS 23 | */ 24 | interface IPCCSRouter { 25 | function qeIdDaoAddr() external view returns (address); 26 | 27 | function fmspcTcbDaoAddr() external view returns (address); 28 | 29 | function pckDaoAddr() external view returns (address); 30 | 31 | function pcsDaoAddr() external view returns (address); 32 | 33 | function pckHelperAddr() external view returns (address); 34 | 35 | function crlHelperAddr() external view returns (address); 36 | 37 | function fmspcTcbHelperAddr() external view returns (address); 38 | 39 | function getQeIdentity(EnclaveId id, uint256 quoteVersion) external view returns (IdentityObj memory); 40 | 41 | function getQeIdentityContentHash(EnclaveId id, uint256 version) external view returns (bytes32); 42 | 43 | function getFmspcTcbV2(bytes6 fmspc) external view returns (TCBLevelsObj[] memory); 44 | 45 | function getFmspcTcbV3(TcbId id, bytes6 fmspc) 46 | external 47 | view 48 | returns (TCBLevelsObj[] memory, TDXModule memory, TDXModuleIdentity[] memory); 49 | 50 | function getFmspcTcbContentHash(TcbId id, bytes6 fmspc, uint32 version) external view returns (bytes32); 51 | 52 | function getPckCert( 53 | string calldata qeid, 54 | string calldata platformCpuSvn, 55 | string calldata platformPceSvn, 56 | string calldata pceid 57 | ) external view returns (bytes memory); 58 | 59 | function getCert(CA ca) external view returns (bytes memory); 60 | 61 | function getCrl(CA ca) external view returns (bytes memory); 62 | 63 | function getCertHash(CA ca) external view returns (bytes32); 64 | 65 | function getCrlHash(CA ca) external view returns (bytes32); 66 | 67 | // *withTimestamp() methods to check collateral expiration status based on the provided timestamp 68 | function getCertHashWithTimestamp(CA ca, uint64 timestamp) external view returns (bytes32); 69 | 70 | function getCrlHashWithTimestamp(CA ca, uint64 timestamp) external view returns (bytes32); 71 | } 72 | -------------------------------------------------------------------------------- /evm/contracts/interfaces/IQuoteVerifier.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0; 3 | 4 | import {IPCCSRouter} from "./IPCCSRouter.sol"; 5 | import {Header} from "../types/CommonStruct.sol"; 6 | 7 | /** 8 | * @title Automata DCAP Quote Verifier 9 | * @notice Provides the interface to implement version-specific verifiers 10 | */ 11 | interface IQuoteVerifier { 12 | /** 13 | * @dev this method must be immutable 14 | * @return an instance of the PCCSRouter interface 15 | */ 16 | function pccsRouter() external view returns (IPCCSRouter); 17 | 18 | /** 19 | * @notice the quote version supported by this verifier 20 | */ 21 | function quoteVersion() external view returns (uint16); 22 | 23 | function verifyQuote(Header calldata, bytes calldata) external view returns (bool, bytes memory); 24 | 25 | /** 26 | * @notice additional check on the public output obtained from the ZK Program execution 27 | */ 28 | function verifyZkOutput(bytes calldata) external view returns (bool, bytes memory); 29 | } 30 | -------------------------------------------------------------------------------- /evm/contracts/types/CommonStruct.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import {TCBStatus} from "@automata-network/on-chain-pccs/helpers/FmspcTcbHelper.sol"; 5 | import {X509CertObj} from "@automata-network/on-chain-pccs/helpers/X509Helper.sol"; 6 | 7 | /** 8 | * @title CommonStruct 9 | * @notice Structs that are common across different versions and TEE of Intel DCAP Quote 10 | * @dev may refer to Intel Official Documentation for more details on the struct definiton 11 | * @dev Intel V3 SGX DCAP API Library: https://download.01.org/intel-sgx/sgx-dcap/1.22/linux/docs/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf 12 | * @dev Intel V4 TDX DCAP API Library: https://download.01.org/intel-sgx/sgx-dcap/1.22/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf 13 | * @dev Fields that are declared as integers (uint*) must reverse the byte order to big-endian 14 | * @dev Whereas, fields that are declared as bytes* type do not reverse the byte order 15 | */ 16 | 17 | /** 18 | * @notice The Quote Header struct definition 19 | * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L42-L53 20 | * @dev Section A.3 of Intel V4 TDX DCAP API Library Documentation 21 | */ 22 | struct Header { 23 | uint16 version; // LE -> BE 24 | bytes2 attestationKeyType; 25 | bytes4 teeType; 26 | bytes2 qeSvn; 27 | bytes2 pceSvn; 28 | bytes16 qeVendorId; 29 | bytes20 userData; 30 | } 31 | 32 | /** 33 | * @notice The struct definition of EnclaveReport 34 | * @notice The Quoting Enclave (QE) Report uses this struct 35 | * @notice Both v3 and v4 Intel SGX Quotes use this struct as the quote body 36 | * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L63-L80 37 | * @dev Table 5 in Section A.4 of Intel V3 SGX DCAP API Library Documentation 38 | * @dev Section A.3.10 of Intel V4 TDX DCAP API Library Documentation 39 | */ 40 | struct EnclaveReport { 41 | bytes16 cpuSvn; 42 | bytes4 miscSelect; 43 | bytes28 reserved1; 44 | bytes16 attributes; 45 | bytes32 mrEnclave; 46 | bytes32 reserved2; 47 | bytes32 mrSigner; 48 | bytes reserved3; // 96 bytes 49 | uint16 isvProdId; // LE -> BE 50 | uint16 isvSvn; // LE -> BE 51 | bytes reserved4; // 60 bytes 52 | bytes reportData; // 64 bytes - For QEReports, this contains sha256(attestation key || QEAuthData) || bytes32(0) 53 | } 54 | 55 | /** 56 | * @notice The struct definition of QE Authentication Data 57 | * @dev Table 8 in Section A.4 of Intel V3 SGX DCAP API Library Documentation 58 | * @dev Section A.4.9 of Intel V4 TDX DCAP API Library Documentation 59 | * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L128-L133 60 | */ 61 | struct QEAuthData { 62 | uint16 parsedDataSize; // LE -> BE 63 | bytes data; 64 | } 65 | 66 | /** 67 | * @notice The struct definition of QE Certification Data 68 | * @dev Table 9 in Section A.4 of Intel V3 SGX DCAP API Library Documentation 69 | * @dev Section A.4.11 of Intel V4 TDX DCAP API Library Documentation 70 | * @dev The Solidity implementation only supports certType == 5 71 | * @dev Hence, we can safely contain the certification data as a parsed struct, rather than a raw byte array 72 | * @dev Modified from https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L135-L141 73 | */ 74 | struct CertificationData { 75 | uint16 certType; // LE -> BE 76 | uint32 certDataSize; // LE -> BE 77 | PCKCollateral pck; 78 | } 79 | 80 | /// ========== CUSTOM TYPES ========== 81 | 82 | /** 83 | * @title PCK Certificate Collateral 84 | * @param pckChain The Parsed PCK Certificate Chain 85 | * @param pckExtension Parsed Intel SGX Extension from the PCK Certificate 86 | */ 87 | struct PCKCollateral { 88 | X509CertObj[] pckChain; 89 | PCKCertTCB pckExtension; 90 | } 91 | 92 | /** 93 | * @title PCK Platform TCB 94 | * @notice These are the TCB values extracted from the PCK Certificate extension 95 | */ 96 | struct PCKCertTCB { 97 | uint16 pcesvn; 98 | uint8[] cpusvns; 99 | bytes fmspcBytes; 100 | bytes pceidBytes; 101 | } 102 | 103 | /** 104 | * @title Verified Output struct 105 | * @notice The output returned by the contract upon successful verification of the quote 106 | * @param quoteVersion The version of the quote 107 | * @param tee The TEE type of the quote 108 | * @param tcbStatus The TCB status of the quote 109 | * @param fmspcBytes The FMSPC values 110 | * @param quoteBody This can either be the Local ISV Report or TD10 Report, depending on the TEE type 111 | * @param advisoryIDs The list of advisory IDs returned by the matching FMSPC TCB entry 112 | */ 113 | struct Output { 114 | uint16 quoteVersion; // serialized as BE, for EVM compatibility 115 | bytes4 tee; 116 | TCBStatus tcbStatus; 117 | bytes6 fmspcBytes; 118 | bytes quoteBody; 119 | string[] advisoryIDs; 120 | } 121 | -------------------------------------------------------------------------------- /evm/contracts/types/Constants.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | /// @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteConstants.h 5 | uint16 constant HEADER_LENGTH = 48; 6 | bytes2 constant SUPPORTED_ATTESTATION_KEY_TYPE = 0x0200; // ECDSA_256_WITH_P256_CURVE (LE) 7 | // TEE_TYPE are little-endian encoded, hence reversing the order of bytes 8 | bytes4 constant SGX_TEE = 0x00000000; 9 | bytes4 constant TDX_TEE = 0x81000000; 10 | bytes16 constant VALID_QE_VENDOR_ID = 0x939a7233f79c4ca9940a0db3957f0607; 11 | uint16 constant ENCLAVE_REPORT_LENGTH = 384; 12 | uint16 constant TD_REPORT10_LENGTH = 584; 13 | 14 | // Header (48 bytes) + Body (minimum 384 bytes) + AuthDataSize (4 bytes) + AuthData: 15 | // ECDSA_SIGNATURE (64 bytes) + ECDSA_KEY (64 bytes) + QE_REPORT_BYTES (384 bytes) 16 | // + QE_REPORT_SIGNATURE (64 bytes) + QE_AUTH_DATA_SIZE (2 bytes) + QE_CERT_DATA_TYPE (2 bytes) 17 | // + QE_CERT_DATA_SIZE (4 bytes) 18 | uint16 constant MINIMUM_QUOTE_LENGTH = 1020; 19 | 20 | // timestamp + tcb_info_hash + identity_hash + root_ca_hash + tcb_signing_hash + root_crl_hash + pck_crl_hash 21 | // 8 + 6 * 32 = 200 22 | uint16 constant VERIFIED_OUTPUT_COLLATERAL_HASHES_LENGTH = 200; 23 | -------------------------------------------------------------------------------- /evm/contracts/types/V3Structs.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import "./CommonStruct.sol"; 5 | 6 | /** 7 | * @title V3Structs 8 | * @notice Structs that are specific to Intel SGX DCAP Quote Version 3 9 | * @dev Intel V3 SGX DCAP API Library: https://download.01.org/intel-sgx/sgx-dcap/1.22/linux/docs/Intel_SGX_ECDSA_QuoteLibReference_DCAP_API.pdf 10 | */ 11 | 12 | /** 13 | * @notice ECDSA V3 Quote Signature Data Structure Definition 14 | * @dev Table 4 in Section A.4 of Intel V3 SGX DCAP API Library Documentation 15 | * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L153-L164 16 | */ 17 | struct ECDSAQuoteV3AuthData { 18 | bytes ecdsa256BitSignature; // 64 bytes 19 | bytes ecdsaAttestationKey; // 64 bytes 20 | EnclaveReport qeReport; // 384 bytes 21 | bytes qeReportSignature; // 64 bytes 22 | QEAuthData qeAuthData; 23 | CertificationData certification; 24 | } 25 | 26 | /** 27 | * @dev Section A.4 of Intel V3 SGX DCAP API Library Documentation 28 | */ 29 | struct V3Quote { 30 | Header header; 31 | EnclaveReport localEnclaveReport; 32 | ECDSAQuoteV3AuthData authData; 33 | } 34 | -------------------------------------------------------------------------------- /evm/contracts/types/V4Structs.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import "./CommonStruct.sol"; 5 | 6 | /** 7 | * @notice V4 Intel TDX Quote uses this struct as the quote body 8 | * @dev Section A.3.2 of Intel V4 TDX DCAP API Library Documentation 9 | * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/7e5b2a13ca5472de8d97dd7d7024c2ea5af9a6ba/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L82-L103 10 | */ 11 | struct TD10ReportBody { 12 | bytes16 teeTcbSvn; 13 | bytes mrSeam; // 48 bytes 14 | bytes mrsignerSeam; // 48 bytes 15 | bytes8 seamAttributes; 16 | bytes8 tdAttributes; 17 | bytes8 xFAM; 18 | bytes mrTd; // 48 bytes 19 | bytes mrConfigId; // 48 bytes 20 | bytes mrOwner; // 48 bytes 21 | bytes mrOwnerConfig; // 48 bytes 22 | bytes rtMr0; // 48 bytes 23 | bytes rtMr1; // 48 nytes 24 | bytes rtMr2; // 48 bytes 25 | bytes rtMr3; // 48 bytes 26 | bytes reportData; // 64 bytes 27 | } 28 | 29 | /** 30 | * @notice QE Report Certification Data struct definition 31 | * @dev this struct is the data that is stored as bytes array in CertificationData of type 6 32 | * @dev Section A.3.11 of Intel V4 TDX DCAP API Library Documentation 33 | * @dev https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/QuoteStructures.h#L143-L151 34 | */ 35 | struct QEReportCertificationData { 36 | EnclaveReport qeReport; 37 | bytes qeReportSignature; 38 | QEAuthData qeAuthData; 39 | CertificationData certification; 40 | } 41 | 42 | /** 43 | * @notice ECDSA V4 Quote Signature Data Structure Definition 44 | * @dev Section A.3.8 of Intel V4 TDX DCAP API Library Documentation 45 | */ 46 | struct ECDSAQuoteV4AuthData { 47 | bytes ecdsa256BitSignature; // 64 bytes 48 | bytes ecdsaAttestationKey; // 64 bytes 49 | QEReportCertificationData qeReportCertData; 50 | } 51 | 52 | /// In the Solidity implementation, quotes using different TEE types are represented by different structs. 53 | /// As opposed to a unified struct, as seen in https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary/blob/16b7291a7a86e486fdfcf1dfb4be885c0cc00b4e/Src/AttestationLibrary/src/QuoteVerification/Quote.h 54 | 55 | struct V4SGXQuote { 56 | Header header; 57 | EnclaveReport localEnclaveReport; 58 | ECDSAQuoteV4AuthData authData; 59 | } 60 | 61 | struct V4TDXQuote { 62 | Header header; 63 | TD10ReportBody reportBody; 64 | ECDSAQuoteV4AuthData authData; 65 | } 66 | -------------------------------------------------------------------------------- /evm/contracts/utils/BELE.sol: -------------------------------------------------------------------------------- 1 | //SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | /** 5 | * @notice Converts a little-endian encoded bytes to a big-endian uint256 integer 6 | */ 7 | library BELE { 8 | function leBytesToBeUint(bytes memory encoded) internal pure returns (uint256 decoded) { 9 | for (uint256 i = 0; i < encoded.length; i++) { 10 | uint256 digits = uint256(uint8(bytes1(encoded[i]))); 11 | uint256 upperDigit = digits / 16; 12 | uint256 lowerDigit = digits % 16; 13 | 14 | uint256 acc = lowerDigit * (16 ** (2 * i)); 15 | acc += upperDigit * (16 ** ((2 * i) + 1)); 16 | 17 | decoded += acc; 18 | } 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /evm/contracts/utils/P256Verifier.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.0; 3 | 4 | import "./BytesUtils.sol"; 5 | 6 | /** 7 | * @title P256Verifier Wrapper 8 | */ 9 | abstract contract P256Verifier { 10 | using BytesUtils for bytes; 11 | 12 | /// @dev this address can either be: 13 | /// - 0x100 (as defined in RIP-7212) 14 | /// - 0xc2b78104907F722DABAc4C69f826a522B2754De4 (daimo-eth P256 implementation, ref: https://github.com/daimo-eth/p256-verifier/) 15 | /// @dev may contain other P256 Verifier address depending on the target network 16 | address public immutable P256_VERIFIER; 17 | 18 | constructor(address _verifier) { 19 | P256_VERIFIER = _verifier; 20 | } 21 | 22 | function ecdsaVerify(bytes32 messageHash, bytes memory signature, bytes memory key) 23 | internal 24 | view 25 | returns (bool verified) 26 | { 27 | bytes memory args = abi.encode( 28 | messageHash, 29 | uint256(bytes32(signature.substring(0, 32))), 30 | uint256(bytes32(signature.substring(32, 32))), 31 | uint256(bytes32(key.substring(0, 32))), 32 | uint256(bytes32(key.substring(32, 32))) 33 | ); 34 | (bool success, bytes memory ret) = P256_VERIFIER.staticcall(args); 35 | assert(success); // never reverts, always returns 0 or 1 36 | 37 | verified = abi.decode(ret, (uint256)) == 1; 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /evm/deployment/1/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0xe20C4d54afBbea5123728d5b7dAcD9CB3c65C39a", 4 | "V3QuoteVerifier": "0x816ADa3B63F3c643fb04152eA32B58Db89aadd89", 5 | "V4QuoteVerifier": "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 6 | } -------------------------------------------------------------------------------- /evm/deployment/1/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9", 4 | "AutomataFmspcTcbDao": "0x63eF330eAaadA189861144FCbc9176dae41A5BAf", 5 | "AutomataPckDao": "0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36", 6 | "AutomataPcsDao": "0x45CF7485A0D394130153a3630EA0729999511C2e", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/10/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/10/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/11155111/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0xe20C4d54afBbea5123728d5b7dAcD9CB3c65C39a", 4 | "V3QuoteVerifier": "0x816ADa3B63F3c643fb04152eA32B58Db89aadd89", 5 | "V4QuoteVerifier": "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 6 | } -------------------------------------------------------------------------------- /evm/deployment/11155111/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9", 4 | "AutomataFmspcTcbDao": "0x63eF330eAaadA189861144FCbc9176dae41A5BAf", 5 | "AutomataPckDao": "0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36", 6 | "AutomataPcsDao": "0x45CF7485A0D394130153a3630EA0729999511C2e", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/11155420/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/11155420/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/1301/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/1301/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/137/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/137/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/1398243/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/1398243/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/17000/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0xe20C4d54afBbea5123728d5b7dAcD9CB3c65C39a", 4 | "V3QuoteVerifier": "0x816ADa3B63F3c643fb04152eA32B58Db89aadd89", 5 | "V4QuoteVerifier": "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 6 | } -------------------------------------------------------------------------------- /evm/deployment/17000/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9", 4 | "AutomataFmspcTcbDao": "0x63eF330eAaadA189861144FCbc9176dae41A5BAf", 5 | "AutomataPckDao": "0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36", 6 | "AutomataPcsDao": "0x45CF7485A0D394130153a3630EA0729999511C2e", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/42161/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/42161/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/421614/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/421614/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/43113/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0xe20C4d54afBbea5123728d5b7dAcD9CB3c65C39a", 4 | "V3QuoteVerifier": "0x816ADa3B63F3c643fb04152eA32B58Db89aadd89", 5 | "V4QuoteVerifier": "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 6 | } -------------------------------------------------------------------------------- /evm/deployment/43113/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9", 4 | "AutomataFmspcTcbDao": "0x63eF330eAaadA189861144FCbc9176dae41A5BAf", 5 | "AutomataPckDao": "0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36", 6 | "AutomataPcsDao": "0x45CF7485A0D394130153a3630EA0729999511C2e", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/43114/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0xe20C4d54afBbea5123728d5b7dAcD9CB3c65C39a", 4 | "V3QuoteVerifier": "0x816ADa3B63F3c643fb04152eA32B58Db89aadd89", 5 | "V4QuoteVerifier": "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 6 | } -------------------------------------------------------------------------------- /evm/deployment/43114/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9", 4 | "AutomataFmspcTcbDao": "0x63eF330eAaadA189861144FCbc9176dae41A5BAf", 5 | "AutomataPckDao": "0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36", 6 | "AutomataPcsDao": "0x45CF7485A0D394130153a3630EA0729999511C2e", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/480/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/480/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/4801/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/4801/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/56/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/56/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/560048/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0xe20C4d54afBbea5123728d5b7dAcD9CB3c65C39a", 4 | "V3QuoteVerifier": "0x816ADa3B63F3c643fb04152eA32B58Db89aadd89", 5 | "V4QuoteVerifier": "0x1a9E873C041F566fCBAdbD9e1358095b7Ea12AA8" 6 | } -------------------------------------------------------------------------------- /evm/deployment/560048/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9", 4 | "AutomataFmspcTcbDao": "0x63eF330eAaadA189861144FCbc9176dae41A5BAf", 5 | "AutomataPckDao": "0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36", 6 | "AutomataPcsDao": "0x45CF7485A0D394130153a3630EA0729999511C2e", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/65536/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/65536/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/80002/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/80002/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/8453/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/8453/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/84532/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/84532/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/deployment/97/dcap.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDcapAttestationFee": "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF", 3 | "PCCSRouter": "0x0d089B3fA00CBAD0a5098025519e9e4620622acF", 4 | "V3QuoteVerifier": "0x69523d25E25e5c78d828Df90459b75F189D40Cf7", 5 | "V4QuoteVerifier": "0xD34Cf419AF06629e158DB5F67541AaF2230290FB" 6 | } -------------------------------------------------------------------------------- /evm/deployment/97/onchain_pccs.json: -------------------------------------------------------------------------------- 1 | { 2 | "AutomataDaoStorage": "0x6726B94566618B17fA475af862aC73C5b7b41C56", 3 | "AutomataEnclaveIdentityDao": "0xd74e880029cd3B6b434f16beA5F53A06989458Ee", 4 | "AutomataFmspcTcbDao": "0xd3A3f34E8615065704cCb5c304C0cEd41bB81483", 5 | "AutomataPckDao": "0xa4615C2a260413878241ff7605AD9577feB356A5", 6 | "AutomataPcsDao": "0xB270cD8550DA117E3accec36A90c4b0b48daD342", 7 | "EnclaveIdentityHelper": "0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0", 8 | "FmspcTcbHelper": "0x181dc716922c84554aeA8bafa07c906F4e4C15B2", 9 | "PCKHelper": "0xeD75bb6543c53d49f4445055Ba18380068025370", 10 | "X509CRLHelper": "0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C" 11 | } -------------------------------------------------------------------------------- /evm/docs/PCCSRouter.md: -------------------------------------------------------------------------------- 1 | # PCCSRouter Documentation 2 | 3 | This document explains the access control mechanism implemented in the `PCCSRouter` contract and describes how QuoteVerifiers can invoke methods to load collaterals from the on-chain PCCS. 4 | 5 | --- 6 | 7 | ## Overview 8 | 9 | The `PCCSRouter` contract acts as a centralized point for contracts to retrieve collaterals from the on-chain PCCS, using various DAO contracts. It ensures that the most up-to-date PCCS DAOs are referenced and returns data in Solidity-friendly types. 10 | 11 | --- 12 | 13 | ## Access Control Mechanism 14 | 15 | The contract implements an access control mechanism using a combination of: 16 | 17 | 1. **Ownership:** 18 | The contract inherits from the `Ownable` contract (via [solady's Ownable](https://github.com/Vectorized/solady/blob/main/src/auth/Ownable.sol)) which restricts administrative functions to the owner. Methods like `setAuthorized`, `enableCallerRestriction`, and `disableCallerRestriction` are protected by the `onlyOwner` modifier. 19 | 20 | 2. **Caller Authorization:** 21 | The contract maintains an internal mapping `_authorized` that tracks which addresses are permitted to read collaterals. 22 | - **Initialization:** 23 | In the constructor, the zero address (`address(0)`) is set as authorized. This allows for `eth_call` requests to read collaterals from the PCCS. 24 | - **Modification:** 25 | The `setAuthorized` function allows the owner to add or remove addresses from the authorized list. 26 | - **Caller Restriction Toggle:** 27 | The boolean `_isCallerRestricted` determines if the authorization check is active. 28 | - When caller restriction is enabled (via `enableCallerRestriction`), functions secured by the `onlyAuthorized` modifier will revert if `msg.sender` is not in the authorized list. 29 | - Conversely, disabling caller restriction (via `disableCallerRestriction`) relaxes these checks. 30 | 31 | 3. **Read Access to `AutomataDaoStorage`:** 32 | The PCCS Router is the sole non-DAO contract that has direct read-access to `AutomataDaoStorage`. All external dApps must ONLY go through the PCCS Router to fetch collaterals from the [On Chain PCCS](https://github.com/automata-network/automata-on-chain-pccs). 33 | 34 | --- 35 | 36 | ## QuoteVerifier Integration 37 | 38 | QuoteVerifiers, which are contracts responsible for verifying Intel DCAP quotes, can interact with the `PCCSRouter` to retrieve the necessary data (such as identities, collateral hashes, or certificates). Here’s how they can invoke methods to load PCCS data: 39 | 40 | - **Authorization Setup:** 41 | Before a QuoteVerifier can access PCCS data, its address must be added to the `_authorized` mapping by calling `setAuthorized`. This ensures that the QuoteVerifier is recognized as allowed to load data from the PCCS. 42 | 43 | - **Invocation of Methods:** 44 | Once authorized, QuoteVerifiers can call the read functions (e.g., `getQeIdentity`, `getFmspcTcbV2`, etc.) to: 45 | - Retrieve attested identity data from the `EnclaveIdentityDao`. 46 | - Load TCB information via `FmspcTcbDao` with necessary decoding performed within the router. 47 | - Fetch PCK certificate details or certificate revocation lists (CRL) from the corresponding DAO contracts. 48 | 49 | These methods internally: 50 | - Verify that data is still valid by checking timestamps using the `_loadDataIfNotExpired` function. 51 | - Return decoded and formatted data to be used by the QuoteVerifier for further verification. 52 | -------------------------------------------------------------------------------- /evm/forge-script/AttestationScript.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | 3 | pragma solidity ^0.8.0; 4 | 5 | import {console2} from "forge-std/console2.sol"; 6 | import "../contracts/AutomataDcapAttestationFee.sol"; 7 | import "../contracts/PCCSRouter.sol"; 8 | 9 | import "./utils/Salt.sol"; 10 | import "./utils/DeploymentConfig.sol"; 11 | 12 | contract AttestationScript is DeploymentConfig { 13 | 14 | address owner = vm.envAddress("OWNER"); 15 | 16 | function deployEntrypoint() public { 17 | vm.startBroadcast(owner); 18 | 19 | AutomataDcapAttestationFee attestation = new AutomataDcapAttestationFee{salt: DCAP_ATTESTATION_SALT}(owner); 20 | 21 | console.log("Automata Dcap Attestation deployed at: ", address(attestation)); 22 | writeToJson("AutomataDcapAttestationFee", address(attestation)); 23 | 24 | vm.stopBroadcast(); 25 | } 26 | 27 | function configVerifier(uint256 version) public { 28 | string memory verifierName = string.concat( 29 | "V", 30 | vm.toString(version), 31 | "QuoteVerifier" 32 | ); 33 | address attestationAddr = readContractAddress(ProjectType.DCAP, "AutomataDcapAttestationFee"); 34 | address quoteVerifier = readContractAddress(ProjectType.DCAP, verifierName); 35 | address routerAddr = readContractAddress(ProjectType.DCAP, "PCCSRouter"); 36 | 37 | vm.startBroadcast(owner); 38 | 39 | AutomataDcapAttestationFee(attestationAddr).setQuoteVerifier(quoteVerifier); 40 | 41 | vm.stopBroadcast(); 42 | } 43 | 44 | function configureZk(uint8 zk, address verifierGateway, bytes32 programId) public { 45 | address attestationAddr = readContractAddress(ProjectType.DCAP, "AutomataDcapAttestationFee"); 46 | 47 | ZkCoProcessorConfig memory config = 48 | ZkCoProcessorConfig({dcapProgramIdentifier: programId, zkVerifier: verifierGateway}); 49 | 50 | vm.broadcast(owner); 51 | AutomataDcapAttestationFee(attestationAddr).setZkConfiguration(ZkCoProcessorType(zk), config); 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /evm/forge-script/DeployRouter.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | 3 | pragma solidity ^0.8.0; 4 | 5 | import {console2} from "forge-std/console2.sol"; 6 | import {AutomataDaoStorage} from "@automata-network/on-chain-pccs/automata_pccs/shared/AutomataDaoStorage.sol"; 7 | 8 | import "../contracts/PCCSRouter.sol"; 9 | import "./utils/Salt.sol"; 10 | import "./utils/DeploymentConfig.sol"; 11 | import "./utils/Multichain.sol"; 12 | 13 | contract DeployRouter is DeploymentConfig, Multichain { 14 | 15 | address enclaveIdDaoAddr = readContractAddress(ProjectType.PCCS, "AutomataEnclaveIdentityDao"); 16 | address enclaveIdHelperAddr = readContractAddress(ProjectType.PCCS, "EnclaveIdentityHelper"); 17 | address pckHelperAddr = readContractAddress(ProjectType.PCCS, "PCKHelper"); 18 | address tcbDaoAddr = readContractAddress(ProjectType.PCCS, "AutomataFmspcTcbDao"); 19 | address tcbHelperAddr = readContractAddress(ProjectType.PCCS, "FmspcTcbHelper"); 20 | address crlHelperAddr = readContractAddress(ProjectType.PCCS, "X509CRLHelper"); 21 | address pcsDaoAddr = readContractAddress(ProjectType.PCCS, "AutomataPcsDao"); 22 | address pckDaoAddr = readContractAddress(ProjectType.PCCS, "AutomataPckDao"); 23 | 24 | address owner = vm.envAddress("OWNER"); 25 | 26 | bool useMultichain = vm.envBool("MULTICHAIN"); 27 | 28 | function run() public checkPccsHasDeployed { 29 | vm.startBroadcast(owner); 30 | 31 | PCCSRouter router = new PCCSRouter{salt: PCCS_ROUTER_SALT}( 32 | owner, enclaveIdDaoAddr, tcbDaoAddr, pcsDaoAddr, pckDaoAddr, pckHelperAddr, crlHelperAddr, tcbHelperAddr 33 | ); 34 | console2.log("Deployed PCCSRouter to", address(router)); 35 | writeToJson("PCCSRouter", address(router)); 36 | 37 | vm.stopBroadcast(); 38 | } 39 | 40 | function updateConfig() public { 41 | vm.startBroadcast(owner); 42 | 43 | PCCSRouter router = PCCSRouter(readContractAddress(ProjectType.DCAP, "PCCSRouter")); 44 | router.setConfig( 45 | enclaveIdDaoAddr, tcbDaoAddr, pcsDaoAddr, pckDaoAddr, pckHelperAddr, crlHelperAddr, tcbHelperAddr 46 | ); 47 | 48 | vm.stopBroadcast(); 49 | } 50 | 51 | function setAuthorizedCaller(address caller, bool authorized) public { 52 | vm.startBroadcast(owner); 53 | 54 | PCCSRouter router = PCCSRouter(readContractAddress(ProjectType.DCAP, "PCCSRouter")); 55 | router.setAuthorized(caller, authorized); 56 | 57 | vm.stopBroadcast(); 58 | } 59 | 60 | function grantAccessToStorage() public multichain(useMultichain) { 61 | vm.startBroadcast(owner); 62 | 63 | console.log("Checking PCCSRouter access to AutomataDaoStorage on chain: ", block.chainid); 64 | 65 | PCCSRouter router = PCCSRouter(readContractAddress(ProjectType.DCAP, "PCCSRouter")); 66 | AutomataDaoStorage storageContract = AutomataDaoStorage( 67 | readContractAddress(ProjectType.PCCS, "AutomataDaoStorage") 68 | ); 69 | 70 | bool authorized = storageContract.isAuthorizedCaller(address(router)); 71 | if (!authorized) { 72 | storageContract.setCallerAuthorization(address(router), true); 73 | console2.log("PCCSRouter granted access to AutomataDaoStorage"); 74 | } else { 75 | console2.log("PCCSRouter already has access to AutomataDaoStorage"); 76 | } 77 | 78 | vm.stopBroadcast(); 79 | } 80 | } 81 | -------------------------------------------------------------------------------- /evm/forge-script/utils/DeploymentConfig.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-std/Script.sol"; 5 | import "forge-std/StdJson.sol"; 6 | 7 | enum ProjectType { 8 | PCCS, 9 | DCAP 10 | } 11 | 12 | abstract contract DeploymentConfig is Script { 13 | 14 | modifier checkPccsHasDeployed() { 15 | require( 16 | vm.exists( 17 | string.concat( 18 | vm.projectRoot(), "/", "deployment", "/", vm.toString(block.chainid), "/", "onchain_pccs.json" 19 | ) 20 | ), 21 | "Missing On Chain PCCS Deployment" 22 | ); 23 | _; 24 | } 25 | 26 | function readContractAddress(ProjectType project, string memory contractName) 27 | internal 28 | view 29 | returns (address contractAddress) 30 | { 31 | string memory dir = string.concat(vm.projectRoot(), "/", "deployment", "/", vm.toString(block.chainid)); 32 | if (!vm.exists(dir)) { 33 | revert("Deployment does not exist"); 34 | } 35 | string memory jsonStr; 36 | if (project == ProjectType.PCCS) { 37 | jsonStr = vm.readFile(string.concat(dir, "/", "onchain_pccs.json")); 38 | } else if (project == ProjectType.DCAP) { 39 | jsonStr = vm.readFile(string.concat(dir, "/", "dcap.json")); 40 | } 41 | contractAddress = stdJson.readAddress(jsonStr, string.concat(".", contractName)); 42 | } 43 | 44 | function writeToJson(string memory contractName, address contractAddress) internal { 45 | string memory deploymentDir = 46 | string.concat(vm.projectRoot(), "/", "deployment", "/", vm.toString(block.chainid)); 47 | 48 | // deployment path 49 | string memory jsonPath = string.concat(deploymentDir, "/", "dcap.json"); 50 | 51 | string memory jsonKey = "deployment key"; 52 | string memory jsonStr = ""; 53 | if (vm.exists(jsonPath)) { 54 | jsonStr = vm.readFile(jsonPath); 55 | vm.serializeJson(jsonKey, jsonStr); 56 | } 57 | 58 | string memory finalJson = vm.serializeAddress(jsonKey, contractName, contractAddress); 59 | vm.writeJson(finalJson, jsonPath); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /evm/forge-script/utils/Multichain.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-std/Vm.sol"; 5 | import "forge-std/console.sol"; 6 | 7 | abstract contract Multichain { 8 | address constant HEVM_ADDRESS = 0x7109709ECfa91a80626fF3989D68f67F5b1DD12D; 9 | Vm constant internalVm = Vm(HEVM_ADDRESS); 10 | 11 | modifier multichain(bool runMultichain) { 12 | if (runMultichain) { 13 | string[] memory chains = internalVm.envString("CHAINS", ","); 14 | for (uint256 i = 0; i < chains.length; i++) { 15 | string memory chain = chains[i]; 16 | string memory rpcUrl = internalVm.envString(string.concat(chain, "_RPC_URL")); 17 | 18 | // run the fork 19 | try internalVm.createSelectFork(rpcUrl) { 20 | // run the script 21 | _; 22 | } catch { 23 | // if the fork fails, skip it 24 | console.log("Skipping chain: ", chain); 25 | } 26 | } 27 | } else { 28 | _; 29 | } 30 | } 31 | 32 | } -------------------------------------------------------------------------------- /evm/forge-script/utils/Salt.sol: -------------------------------------------------------------------------------- 1 | pragma solidity >0.8.0; 2 | 3 | bytes32 constant PCCS_ROUTER_SALT = keccak256(bytes("PCCS_ROUTER_SALT")); 4 | bytes32 constant DCAP_ATTESTATION_SALT = keccak256(bytes("DCAP_ATTESTATION_SALT")); 5 | bytes32 constant V3_VERIFIER_SALT = keccak256(bytes("V3_VERIFIER_SALT")); 6 | bytes32 constant V4_VERIFIER_SALT = keccak256(bytes("V4_VERIFIER_SALT")); 7 | -------------------------------------------------------------------------------- /evm/forge-script/verifiers/DeployV3.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | 3 | pragma solidity ^0.8.0; 4 | 5 | import "../utils/P256Configuration.sol"; 6 | import "../utils/DeploymentConfig.sol"; 7 | import "../utils/Salt.sol"; 8 | import "../../contracts/verifiers/V3QuoteVerifier.sol"; 9 | 10 | contract DeployV3 is DeploymentConfig, P256Configuration { 11 | address owner = vm.envAddress("OWNER"); 12 | address router = readContractAddress(ProjectType.DCAP, "PCCSRouter"); 13 | 14 | function run() public override { 15 | vm.startBroadcast(owner); 16 | V3QuoteVerifier verifier = new V3QuoteVerifier{salt: V3_VERIFIER_SALT}(simulateVerify(), router); 17 | vm.stopBroadcast(); 18 | console.log("V3QuoteVerifier deployed at ", address(verifier)); 19 | writeToJson("V3QuoteVerifier", address(verifier)); 20 | } 21 | 22 | function overrideVerifier(address p256Verifier) public { 23 | vm.startBroadcast(owner); 24 | V3QuoteVerifier verifier = new V3QuoteVerifier{salt: V3_VERIFIER_SALT}(p256Verifier, router); 25 | vm.stopBroadcast(); 26 | console.log("V3QuoteVerifier deployed at ", address(verifier)); 27 | writeToJson("V3QuoteVerifier", address(verifier)); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /evm/forge-script/verifiers/DeployV4.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | 3 | pragma solidity ^0.8.0; 4 | 5 | import "../utils/P256Configuration.sol"; 6 | import "../utils/DeploymentConfig.sol"; 7 | import "../utils/Salt.sol"; 8 | import "../../contracts/verifiers/V4QuoteVerifier.sol"; 9 | 10 | contract DeployV4 is DeploymentConfig, P256Configuration { 11 | address owner = vm.envAddress("OWNER"); 12 | address router = readContractAddress(ProjectType.DCAP, "PCCSRouter"); 13 | function run() public override { 14 | vm.startBroadcast(owner); 15 | V4QuoteVerifier verifier = new V4QuoteVerifier{salt: V4_VERIFIER_SALT}(simulateVerify(), router); 16 | vm.stopBroadcast(); 17 | console.log("V4QuoteVerifier deployed at ", address(verifier)); 18 | writeToJson("V4QuoteVerifier", address(verifier)); 19 | } 20 | 21 | function overrideVerifier(address p256Verifier) public { 22 | vm.startBroadcast(owner); 23 | V4QuoteVerifier verifier = new V4QuoteVerifier{salt: V4_VERIFIER_SALT}(p256Verifier, router); 24 | vm.stopBroadcast(); 25 | console.log("V4QuoteVerifier deployed at ", address(verifier)); 26 | writeToJson("V4QuoteVerifier", address(verifier)); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /evm/forge-test/assets/0225/qe_td.json: -------------------------------------------------------------------------------- 1 | {"enclaveIdentity":{"id":"TD_QE","version":2,"issueDate":"2025-02-15T02:09:37Z","nextUpdate":"2025-03-17T02:09:37Z","tcbEvaluationDataNumber":17,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"DC9E2A7C6F948F17474E34A7FC43ED030F7C1563F1BABDDF6340C82E0E54A8C5","isvprodid":2,"tcbLevels":[{"tcb":{"isvsvn":4},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"}]},"signature":"9f14a5762519a73476fc3944bfb318a9f14afa622546a55ee25ae93cdb91756f4b9b15e4d7e65d5da2dd7d5cf8123895507c29d329dabc26c95efe28bb6e32d9"} -------------------------------------------------------------------------------- /evm/forge-test/assets/0225/tcbinfo.json: -------------------------------------------------------------------------------- 1 | {"tcbInfo":{"id":"TDX","version":3,"issueDate":"2025-02-15T03:05:10Z","nextUpdate":"2025-03-17T03:05:10Z","fmspc":"90C06F000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":17,"tdxModule":{"mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF"},"tdxModuleIdentities":[{"id":"TDX_03","mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF","tcbLevels":[{"tcb":{"isvsvn":3},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"}]},{"id":"TDX_01","mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF","tcbLevels":[{"tcb":{"isvsvn":4},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":2},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"OutOfDate"}]}],"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":2,"category":"BIOS","type":"Early Microcode Update"},{"svn":2,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":5,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":13,"tdxtcbcomponents":[{"svn":5,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":2,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"sgxtcbcomponents":[{"svn":2,"category":"BIOS","type":"Early Microcode Update"},{"svn":2,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":5,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5,"tdxtcbcomponents":[{"svn":5,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":2,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00220","INTEL-SA-00233","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00837"]}]},"signature":"c1b19da64b40db0d7dec11e37691e1e585a82379b1fc50d11c830418d6d12d4b7d5fe3fb761c55d173194a206fa8ae24f5ccbc62b8e1f2603d79b49535766908"} -------------------------------------------------------------------------------- /evm/forge-test/assets/0624/identity.json: -------------------------------------------------------------------------------- 1 | {"enclaveIdentity":{"id":"QE","version":2,"issueDate":"2024-06-13T10:21:07Z","nextUpdate":"2024-07-13T10:21:07Z","tcbEvaluationDataNumber":16,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"8C4F5775D796503E96137F77C68A829A0056AC8DED70140B081B094490C57BFF","isvprodid":1,"tcbLevels":[{"tcb":{"isvsvn":8},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":6},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":5},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":4},"tcbDate":"2019-11-13T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":2},"tcbDate":"2019-05-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"isvsvn":1},"tcbDate":"2018-08-15T00:00:00Z","tcbStatus":"OutOfDate"}]},"signature":"8b00cbe1be4e7c9cca76a9c82cca19ad513fbd3cbb78356f6596c6cd50b6991287cad59d308052351bce8067ff8c8c99f92a599de19e7afdcc3d87048157e81e"} -------------------------------------------------------------------------------- /evm/forge-test/assets/0624/qeidentityv2_apiv4.json: -------------------------------------------------------------------------------- 1 | {"enclaveIdentity":{"id":"TD_QE","version":2,"issueDate":"2024-05-16T07:40:25Z","nextUpdate":"2024-06-15T07:40:25Z","tcbEvaluationDataNumber":17,"miscselect":"00000000","miscselectMask":"FFFFFFFF","attributes":"11000000000000000000000000000000","attributesMask":"FBFFFFFFFFFFFFFF0000000000000000","mrsigner":"DC9E2A7C6F948F17474E34A7FC43ED030F7C1563F1BABDDF6340C82E0E54A8C5","isvprodid":2,"tcbLevels":[{"tcb":{"isvsvn":4},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"}]},"signature":"22befcb8868a18ff6c522bc82df21cd58e2534a35cd1574be39f368d260c2acae7c18a6e3e3535fb3c74748b2db17f8024982ecf42b036d560a7aa45f3576e86"} -------------------------------------------------------------------------------- /evm/forge-test/assets/0624/tcbinfo.json: -------------------------------------------------------------------------------- 1 | {"tcbInfo":{"version":2,"issueDate":"2024-06-13T10:29:20Z","nextUpdate":"2024-07-13T10:29:20Z","fmspc":"00606a000000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":16,"tcbLevels":[{"tcb":{"sgxtcbcomp01svn":12,"sgxtcbcomp02svn":12,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":13},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"SWHardeningNeeded"},{"tcb":{"sgxtcbcomp01svn":12,"sgxtcbcomp02svn":12,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":13},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"ConfigurationAndSWHardeningNeeded"},{"tcb":{"sgxtcbcomp01svn":11,"sgxtcbcomp02svn":11,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":13},"tcbDate":"2023-02-15T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":11,"sgxtcbcomp02svn":11,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":13},"tcbDate":"2023-02-15T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":7,"sgxtcbcomp02svn":9,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":1,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":13},"tcbDate":"2022-08-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":7,"sgxtcbcomp02svn":9,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":13},"tcbDate":"2022-08-10T00:00:00Z","tcbStatus":"OutOfDateConfigurationNeeded"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":11},"tcbDate":"2021-11-10T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":10},"tcbDate":"2020-11-11T00:00:00Z","tcbStatus":"OutOfDate"},{"tcb":{"sgxtcbcomp01svn":4,"sgxtcbcomp02svn":4,"sgxtcbcomp03svn":3,"sgxtcbcomp04svn":3,"sgxtcbcomp05svn":255,"sgxtcbcomp06svn":255,"sgxtcbcomp07svn":0,"sgxtcbcomp08svn":0,"sgxtcbcomp09svn":0,"sgxtcbcomp10svn":0,"sgxtcbcomp11svn":0,"sgxtcbcomp12svn":0,"sgxtcbcomp13svn":0,"sgxtcbcomp14svn":0,"sgxtcbcomp15svn":0,"sgxtcbcomp16svn":0,"pcesvn":5},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate"}]},"signature":"5f86b5de1eb07f3888f2da99ed654a67d2983e8dd219fd48b74a302847e4f96514cf66d312288c7535901279c5230d18f7181b5e40c3ebc5e38a30e38d98d642"} -------------------------------------------------------------------------------- /evm/forge-test/assets/0624/tcbinfov3_00806f050000.json: -------------------------------------------------------------------------------- 1 | {"tcbInfo":{"id":"TDX","version":3,"issueDate":"2024-05-16T07:41:39Z","nextUpdate":"2024-06-15T07:41:39Z","fmspc":"00806f050000","pceId":"0000","tcbType":0,"tcbEvaluationDataNumber":17,"tdxModule":{"mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF"},"tdxModuleIdentities":[{"id":"TDX_01","mrsigner":"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","attributes":"0000000000000000","attributesMask":"FFFFFFFFFFFFFFFF","tcbLevels":[{"tcb":{"isvsvn":4},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"isvsvn":2},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"OutOfDate"}]}],"tcbLevels":[{"tcb":{"sgxtcbcomponents":[{"svn":7,"category":"BIOS","type":"Early Microcode Update"},{"svn":7,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11,"tdxtcbcomponents":[{"svn":4,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":7,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2024-03-13T00:00:00Z","tcbStatus":"UpToDate"},{"tcb":{"sgxtcbcomponents":[{"svn":6,"category":"BIOS","type":"Early Microcode Update"},{"svn":6,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11,"tdxtcbcomponents":[{"svn":3,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":6,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2023-08-09T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00960","INTEL-SA-00982","INTEL-SA-00986"]},{"tcb":{"sgxtcbcomponents":[{"svn":5,"category":"BIOS","type":"Early Microcode Update"},{"svn":5,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":11,"tdxtcbcomponents":[{"svn":3,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":5,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2023-02-15T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00837","INTEL-SA-00960","INTEL-SA-00982","INTEL-SA-00986"]},{"tcb":{"sgxtcbcomponents":[{"svn":5,"category":"BIOS","type":"Early Microcode Update"},{"svn":5,"category":"OS/VMM","type":"SGX Late Microcode Update"},{"svn":2,"category":"OS/VMM","type":"TXT SINIT"},{"svn":2,"category":"BIOS"},{"svn":3,"category":"BIOS"},{"svn":1,"category":"BIOS"},{"svn":0},{"svn":3,"category":"OS/VMM","type":"SEAMLDR ACM"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}],"pcesvn":5,"tdxtcbcomponents":[{"svn":3,"category":"OS/VMM","type":"TDX Module"},{"svn":0,"category":"OS/VMM","type":"TDX Module"},{"svn":5,"category":"OS/VMM","type":"TDX Late Microcode Update"},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0},{"svn":0}]},"tcbDate":"2018-01-04T00:00:00Z","tcbStatus":"OutOfDate","advisoryIDs":["INTEL-SA-00106","INTEL-SA-00115","INTEL-SA-00135","INTEL-SA-00203","INTEL-SA-00220","INTEL-SA-00233","INTEL-SA-00270","INTEL-SA-00293","INTEL-SA-00320","INTEL-SA-00329","INTEL-SA-00381","INTEL-SA-00389","INTEL-SA-00477","INTEL-SA-00837","INTEL-SA-00960","INTEL-SA-00982","INTEL-SA-00986"]}]},"signature":"e1e17e222d83395873de80f826565721a48d420e507d40afbb702039ac4a0bc0c1584082a4e868d1af6fd9f0acc36f29ede3a802668b0599f9090720e070a99b"} -------------------------------------------------------------------------------- /evm/forge-test/utils/RiscZeroSetup.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.13; 3 | 4 | import {RiscZeroGroth16Verifier} from "risc0/groth16/RiscZeroGroth16Verifier.sol"; 5 | import {ControlID} from "risc0/groth16/ControlID.sol"; 6 | 7 | abstract contract RiscZeroSetup { 8 | RiscZeroGroth16Verifier riscZeroVerifier; 9 | 10 | function setUpRiscZero() internal { 11 | riscZeroVerifier = new RiscZeroGroth16Verifier(ControlID.CONTROL_ROOT, ControlID.BN254_CONTROL_ID); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /evm/forge-test/utils/succinct/Groth16Setup.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.13; 3 | 4 | import {SP1Verifier} from "@sp1-contracts/v5.0.0/SP1VerifierGroth16.sol"; 5 | 6 | contract Groth16Setup { 7 | function setup() public returns (address verifier) { 8 | SP1Verifier groth16Verifier = new SP1Verifier(); 9 | verifier = address(groth16Verifier); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /evm/forge-test/utils/succinct/PlonkSetup.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.13; 3 | 4 | import {SP1Verifier} from "@sp1-contracts/v5.0.0/SP1VerifierPlonk.sol"; 5 | 6 | contract PlonkSetup { 7 | function setup() public returns (address verifier) { 8 | SP1Verifier plonkVerifier = new SP1Verifier(); 9 | verifier = address(plonkVerifier); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /evm/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = 'contracts' 3 | out = 'out' 4 | libs = ['lib'] 5 | script = 'forge-script' 6 | test = 'forge-test' 7 | cache_path = 'cache_forge' 8 | fs_permissions = [{ access = "read-write", path = "./"}] 9 | remappings = [ 10 | "solady/=lib/automata-on-chain-pccs/lib/solady/src/", 11 | "p256-verifier/=lib/automata-on-chain-pccs/lib/p256-verifier/src/", 12 | "@automata-network/on-chain-pccs/=lib/automata-on-chain-pccs/src/", 13 | "risc0/=lib/risc0-ethereum/contracts/src/", 14 | # foundry is not able to detect this particular remapping for some reason... 15 | "openzeppelin/=lib/risc0-ethereum/lib/openzeppelin-contracts/", 16 | "@sp1-contracts/=lib/sp1-contracts/contracts/src/" 17 | ] 18 | solc = "0.8.27" 19 | optimizer = true 20 | optimizer_runs = 200 21 | 22 | # Useful link: https://github.com/foundry-rs/foundry/issues/3507 23 | viaIR = true 24 | evm_version = "paris" 25 | 26 | ffi = true 27 | 28 | [etherscan] 29 | base_sepolia = { key = "${ETHERSCAN_API_KEY}" } 30 | holesky = { key = "${ETHERSCAN_API_KEY}" } 31 | sepolia = { key = "${ETHERSCAN_API_KEY}" } 32 | optimism_sepolia = { key = "${ETHERSCAN_API_KEY}" } 33 | arbitrum_sepolia = { key = "${ETHERSCAN_API_KEY}" } 34 | world_sepolia = { key = "${ETHERSCAN_API_KEY}" } 35 | bsc_testnet = { key = "${ETHERSCAN_API_KEY}" } 36 | polygon_amoy = { key = "${ETHERSCAN_API_KEY}", chain = 80002 } 37 | unichain_sepolia = { key = "${ETHERSCAN_API_KEY}", chain = 1301 } 38 | mainnet = { key = "${ETHERSCAN_API_KEY}" } 39 | base = { key = "${ETHERSCAN_API_KEY}" } 40 | optimism = { key = "${ETHERSCAN_API_KEY}" } 41 | arbitrum = { key = "${ETHERSCAN_API_KEY}" } 42 | world = { key = "${ETHERSCAN_API_KEY}" } 43 | bsc = { key = "${ETHERSCAN_API_KEY}" } 44 | polygon_pos = { key = "${ETHERSCAN_API_KEY}" } -------------------------------------------------------------------------------- /evm/js/index.js: -------------------------------------------------------------------------------- 1 | const ethers = require('ethers'); 2 | const fs = require('fs'); 3 | const { abi: IAttestationABI } = require('./abi/AutomataDcapAttestationFee.json'); 4 | 5 | const RPC_URL = "https://1rpc.io/ata/testnet"; 6 | const ATTESTATION_ADDR = "0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF"; 7 | 8 | // two ways you may submit a quote: 9 | // Option 1: node index.js -p 10 | // Option 2: node index.js -h 11 | async function main() { 12 | // Instantiate the provider and the contract 13 | const provider = new ethers.JsonRpcProvider(RPC_URL); 14 | const attestation = new ethers.Contract(ATTESTATION_ADDR, IAttestationABI, provider); 15 | 16 | const flag = process.argv[2]; 17 | if (flag === '-p' || flag === '--path') { 18 | // enter path relative to pwd 19 | // i suggest cd to the /js dir, so you can simply provide the following path: 20 | // ./data/quote.hex, which is the default path if the argument is not provided 21 | const path = process.argv[3] ? process.argv[3] : './data/quote.hex'; 22 | const quote = _checkPrefix(fs.readFileSync(path, 'utf8')); 23 | _sendQuote(attestation, quote); 24 | } else if (flag === '-h' || flag === '--hex') { 25 | const quote = _checkPrefix(process.argv[3]); 26 | _sendQuote(attestation, quote); 27 | } else { 28 | throw new Error("Unknown option"); 29 | } 30 | } 31 | 32 | async function _sendQuote(attestationContract, quote) { 33 | const output = await attestationContract.verifyAndAttestOnChain.staticCall(quote); 34 | const deserialized = _deserializeOutput(output); 35 | console.log(deserialized); 36 | } 37 | 38 | function _checkPrefix(hex) { 39 | let prefixed = ''; 40 | if (hex.substring(0, 2) !== '0x') { 41 | prefixed = '0x' + hex; 42 | } else { 43 | prefixed = hex; 44 | } 45 | return prefixed.toLowerCase(); 46 | } 47 | 48 | function _deserializeOutput(output) { 49 | const status = output[0]; 50 | const serialized = output[1]; 51 | 52 | if (status) { 53 | const serializedBytes = Buffer.from(serialized.substring(2), 'hex'); 54 | const version = serializedBytes.subarray(0, 2); 55 | const tee = serializedBytes.subarray(2, 6); 56 | const tcbStatus = serializedBytes.subarray(6, 7); 57 | const fmspc = serializedBytes.subarray(7, 13); 58 | const quoteBody = serializedBytes.subarray(13, serializedBytes.length); 59 | 60 | let teeTypeString = ""; 61 | let tcbStatusString = ""; 62 | 63 | const teeHex = tee.toString('hex'); 64 | if (teeHex === "00000000") { 65 | teeTypeString = "SGX"; 66 | } else if (teeHex === "00000081") { 67 | teeTypeString = "TDX"; 68 | } 69 | 70 | const tcbStatusEnumIsh = parseInt(tcbStatus.toString('hex')); 71 | switch (tcbStatusEnumIsh) { 72 | case 0: 73 | tcbStatusString = "OK"; 74 | break; 75 | case 1: 76 | tcbStatusString = "TCB_SW_HARDENING_NEEDED"; 77 | break; 78 | case 2: 79 | tcbStatusString = "TCB_CONFIGURATION_AND_SW_HARDENING_NEEDED"; 80 | break; 81 | case 3: 82 | tcbStatusString = "TCB_CONFIGURATION_NEEDED"; 83 | break; 84 | case 4: 85 | tcbStatusString = "TCB_OUT_OF_DATE"; 86 | break; 87 | case 5: 88 | tcbStatusString = "TCB_OUT_OF_DATE_CONFIGURATION_NEEDED"; 89 | break; 90 | case 6: 91 | tcbStatusString = "TCB_REVOKED"; 92 | break; 93 | default: 94 | tcbStatusString = "TCB_UNRECOGNIZED"; 95 | } 96 | 97 | return { 98 | status: status, 99 | version: parseInt(version.toString('hex')), 100 | tee: teeTypeString, 101 | tcbStatus: tcbStatusString, 102 | fmspc: fmspc.toString('hex'), 103 | quoteBody: quoteBody.toString('hex') 104 | } 105 | } else { 106 | return { 107 | status: status, 108 | reason: ethers.toUtf8String(serialized) 109 | } 110 | } 111 | } 112 | 113 | main(); -------------------------------------------------------------------------------- /evm/js/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "js", 3 | "version": "1.0.0", 4 | "main": "index.js", 5 | "author": "Preston Ong", 6 | "license": "MIT", 7 | "dependencies": { 8 | "ethers": "^6.13.0" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /evm/js/yarn.lock: -------------------------------------------------------------------------------- 1 | # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. 2 | # yarn lockfile v1 3 | 4 | 5 | "@adraffy/ens-normalize@1.10.1": 6 | version "1.10.1" 7 | resolved "https://registry.yarnpkg.com/@adraffy/ens-normalize/-/ens-normalize-1.10.1.tgz#63430d04bd8c5e74f8d7d049338f1cd9d4f02069" 8 | integrity sha512-96Z2IP3mYmF1Xg2cDm8f1gWGf/HUVedQ3FMifV4kG/PQ4yEP51xDtRAEfhVNt5f/uzpNkZHwWQuUcu6D6K+Ekw== 9 | 10 | "@noble/curves@1.2.0": 11 | version "1.2.0" 12 | resolved "https://registry.yarnpkg.com/@noble/curves/-/curves-1.2.0.tgz#92d7e12e4e49b23105a2555c6984d41733d65c35" 13 | integrity sha512-oYclrNgRaM9SsBUBVbb8M6DTV7ZHRTKugureoYEncY5c65HOmRzvSiTE3y5CYaPYJA/GVkrhXEoF0M3Ya9PMnw== 14 | dependencies: 15 | "@noble/hashes" "1.3.2" 16 | 17 | "@noble/hashes@1.3.2": 18 | version "1.3.2" 19 | resolved "https://registry.yarnpkg.com/@noble/hashes/-/hashes-1.3.2.tgz#6f26dbc8fbc7205873ce3cee2f690eba0d421b39" 20 | integrity sha512-MVC8EAQp7MvEcm30KWENFjgR+Mkmf+D189XJTkFIlwohU5hcBbn1ZkKq7KVTi2Hme3PMGF390DaL52beVrIihQ== 21 | 22 | "@types/node@18.15.13": 23 | version "18.15.13" 24 | resolved "https://registry.yarnpkg.com/@types/node/-/node-18.15.13.tgz#f64277c341150c979e42b00e4ac289290c9df469" 25 | integrity sha512-N+0kuo9KgrUQ1Sn/ifDXsvg0TTleP7rIy4zOBGECxAljqvqfqpTfzx0Q1NUedOixRMBfe2Whhb056a42cWs26Q== 26 | 27 | aes-js@4.0.0-beta.5: 28 | version "4.0.0-beta.5" 29 | resolved "https://registry.yarnpkg.com/aes-js/-/aes-js-4.0.0-beta.5.tgz#8d2452c52adedebc3a3e28465d858c11ca315873" 30 | integrity sha512-G965FqalsNyrPqgEGON7nIx1e/OVENSgiEIzyC63haUMuvNnwIgIjMs52hlTCKhkBny7A2ORNlfY9Zu+jmGk1Q== 31 | 32 | ethers@^6.13.0: 33 | version "6.13.0" 34 | resolved "https://registry.yarnpkg.com/ethers/-/ethers-6.13.0.tgz#f342958d0f622cf06559f59fbccdc1d30fa64f50" 35 | integrity sha512-+yyQQQWEntY5UVbCv++guA14RRVFm1rSnO1GoLFdrK7/XRWMoktNgyG9UjwxrQqGBfGyFKknNZ81YpUS2emCgg== 36 | dependencies: 37 | "@adraffy/ens-normalize" "1.10.1" 38 | "@noble/curves" "1.2.0" 39 | "@noble/hashes" "1.3.2" 40 | "@types/node" "18.15.13" 41 | aes-js "4.0.0-beta.5" 42 | tslib "2.4.0" 43 | ws "8.5.0" 44 | 45 | tslib@2.4.0: 46 | version "2.4.0" 47 | resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.4.0.tgz#7cecaa7f073ce680a05847aa77be941098f36dc3" 48 | integrity sha512-d6xOpEDfsi2CZVlPQzGeux8XMwLT9hssAsaPYExaQMuYskwb+x1x7J371tWlbBdWHroy99KnVB6qIkUbs5X3UQ== 49 | 50 | ws@8.5.0: 51 | version "8.5.0" 52 | resolved "https://registry.yarnpkg.com/ws/-/ws-8.5.0.tgz#bfb4be96600757fe5382de12c670dab984a1ed4f" 53 | integrity sha512-BWX0SWVgLPzYwF8lTzEy1egjhS4S4OEAHfsO8o65WOVsrnSRGaSiUaa9e0ggGlkMTtBlmOpEXiie9RUcBO86qg== 54 | -------------------------------------------------------------------------------- /releases/evm-v1.0.0/NOTE.md: -------------------------------------------------------------------------------- 1 | # Automata DCAP Attestation (EVM) 2 | 3 | ## Release Note `evm-v1.0.0` 4 | 5 | A production-ready release of the Automata DCAP Attestation EVM Solidity Smart Contracts. 6 | 7 | This release only applies to source code located in the `/evm` directory. 8 | 9 | ### What's Changed? 10 | 11 | - The contract has been fully audited by Trail of Bits. 12 | [🔗 View the full audit report](https://github.com/trailofbits/publications/blob/master/reviews/2025-02-automata-dcap-attestation-onchain-pccs-securityreview.pdf) 13 | 14 | - Integrated [RIP-7212](https://github.com/ethereum/RIPs/blob/master/RIPS/rip-7212.md) for cheaper secp256r1 ECDSA verification on supported networks. 15 | 16 | - TEE Type values are encoded and handled in little-endian order. 17 | 18 | - Intel PCK Certificate Chain must now contain exactly 3 X509 Certificates. 19 | 20 | - PCCS Router checks the validity window before loading the full collateral data, which prevents wasting gas on loading expired collaterals into memory. 21 | 22 | - Checks Attestation Timestamp for Quote Verifications with ZK. 23 | 24 | - Checks `TcbInfo` and `QEIdentity` for Quote Verification with ZK. 25 | 26 | - Event logs are emitted for all state-changing functions. 27 | 28 | --- 29 | 30 | [👉 Full Changelog (`v0.1.1...evm-v1.0.0`)](https://github.com/automata-network/automata-dcap-attestation/compare/v0.1.1...evm-v1.0.0) -------------------------------------------------------------------------------- /solana/.gitignore: -------------------------------------------------------------------------------- 1 | **/target 2 | **/keypair 3 | **/Cargo.lock 4 | **/.DS_Store -------------------------------------------------------------------------------- /solana/automata-dcap-client/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "automata-dcap-client" 3 | version.workspace = true 4 | edition.workspace = true 5 | authors.workspace = true 6 | homepage.workspace = true 7 | license.workspace = true 8 | 9 | [lib] 10 | crate-type = ["lib"] 11 | 12 | [dependencies] 13 | solana-sdk = { workspace = true } 14 | solana-rpc-client = { workspace = true } 15 | anyhow = { workspace = true } 16 | borsh = { workspace = true } 17 | serde_json = { version = "1.0", default-features = false, features = ["alloc"] } 18 | serde = { version = "1.0", default-features = false, features = ["derive"] } 19 | solana-transaction-status-client-types = "2.1.6" 20 | -------------------------------------------------------------------------------- /solana/automata-dcap-client/README.md: -------------------------------------------------------------------------------- 1 | # Automata DCAP on Solana Rust Client 2 | 3 | Add the line below in your project's `Cargo.toml`. 4 | 5 | ```toml 6 | [dependencies] 7 | automata-dcap-client = { git = "https://github.com/automata-network/automata-dcap-attestation.git" } 8 | # other dependencies... 9 | ``` 10 | 11 | ## Example 12 | 13 | ```rust 14 | use solana_rpc_client::rpc_client::RpcClient; 15 | use solana_sdk::{ 16 | signer::{keypair::Keypair, Signer}, 17 | transaction::Transaction, 18 | compute_budget::ComputeBudgetInstruction, 19 | }; 20 | 21 | use automata_dcap_client::{ 22 | get_index_from_create_output_account, 23 | create::*, 24 | verify::{self, ZkvmSelector}, 25 | delete::* 26 | }; 27 | 28 | fn main() -> Result<()> { 29 | // instantiate the client 30 | let rpc_url = String::from("https://api.devnet.solana.com"); 31 | let client = RpcClient::new(rpc_url); 32 | 33 | // generate the payer wallet 34 | let payer = Keypair::generate(); 35 | let payer_pubkey = payer.pubkey(); 36 | 37 | // ... implementations that get you `output_bytes` and `proof_bytes` 38 | let output_bytes: &[u8] = todo!; 39 | let proof_bytes: &[u8] = todo!; 40 | 41 | // Tx 1: create the output PDA to upload the output 42 | let create_instruction = create::create_output_account_instruction( 43 | &client, 44 | &payer_pubkey, 45 | output_bytes 46 | )?; 47 | let mut tx_1 = Transaction::new_with_payer(&[create_instruction], Some(&payer_pubkey)); 48 | tx_1.sign(&[&payer], client.get_latest_blockhash()?); 49 | let sig_tx_1 = client.send_and_confirm_transaction(&tx_1)?; 50 | 51 | // Before submitting the proof to verify, we need to fetch the id 52 | // associated with the output by reading the logs from tx_1. 53 | let output_id = get_index_from_create_output_account(&client, &sig_tx_1)?; 54 | 55 | // Note: Proof verification is likely to consume compute units higher than the default 200_000 CU limit 56 | // Therefore, we should include the `SetComputeUnitLimit` instruction to request for higher budget. (This will not increase the transaction fee, unless you include a priority fee or additional signers to the transaction) 57 | 58 | // Tx 2: verify the proof 59 | 60 | let verify_instruction = verify::verify_proof_instruction( 61 | output_id, 62 | ZkvmSelector::RiscZero, // assuming you get proofs from RiscZero 63 | &proof_bytes, 64 | )?; 65 | 66 | let estimated_compute_units: u32 = 320_000; // may vary 67 | let set_compute_unit_limit_instruction = 68 | ComputeBudgetInstruction::set_compute_unit_limit(estimated_compute_units); 69 | 70 | let mut tx_2 = Transaction::new_with_payer( 71 | &[set_compute_unit_limit_instruction, verify_instruction], 72 | Some(&payer_pubkey), 73 | ); 74 | tx_2.sign(&[&payer], client.get_latest_blockhash()?); 75 | let sig_tx_2 = client.send_and_confirm_transaction(&tx_2)?; 76 | 77 | // once the proof has been successfully verified 78 | // the payer has the option to close the output account to re-claim SOL paid for rent 79 | // which effectively "deletes" the output data from the chain 80 | 81 | // Tx 3: close the output account 82 | let delete_instruction = delete::delete_output_account_instruction( 83 | &payer_pubkey, 84 | output_id 85 | ); 86 | 87 | let mut tx_3 = Transaction::new_with_payer( 88 | &[delete_instruction], 89 | Some(&payer_pubkey), 90 | ); 91 | tx_3.sign(&[&payer], client.get_latest_blockhash()?); 92 | let sig_tx_3 = client.send_and_confirm_transaction(&tx_3)?; 93 | 94 | Ok(()) 95 | } 96 | ``` 97 | 98 | More examples can be found at our [`Automata DCAP zkVM Demo`](https://github.com/automata-network/automata-dcap-zkvm-cli/blob/solana/dcap-sp1-cli/src/solana/mod.rs). -------------------------------------------------------------------------------- /solana/automata-dcap-client/src/bin/counter.rs: -------------------------------------------------------------------------------- 1 | use anyhow::Result; 2 | use solana_rpc_client::rpc_client::RpcClient; 3 | use solana_sdk::{ 4 | rent::Rent, signer::{keypair::Keypair, Signer}, system_instruction::create_account, sysvar::Sysvar, transaction::Transaction 5 | }; 6 | use std::{env, fs, path::PathBuf}; 7 | 8 | use automata_dcap_client::{DCAP_COUNTER_PUBKEY, DCAP_PROGRAM_ID}; 9 | 10 | fn main() -> Result<()> { 11 | // instantiate RPC client 12 | let rpc_url = 13 | env::var("SOLANA_RPC_URL").unwrap_or_else(|_| "https://api.devnet.solana.com".to_string()); 14 | println!("RPC URL: {}", rpc_url.as_str()); 15 | let client = RpcClient::new(rpc_url); 16 | 17 | // instantiate payer 18 | let payer = load_payer()?; 19 | let payer_pubkey = payer.pubkey(); 20 | println!("Payer address: {}", payer_pubkey.to_string()); 21 | 22 | let space = 8usize; 23 | let rent_exempt_lamports = match Rent::get() { 24 | Ok(rent) => rent.minimum_balance(space), 25 | Err(_) => { 26 | let rent = Rent::default(); 27 | rent.minimum_balance(space) 28 | } 29 | }; 30 | 31 | // load counter keypair 32 | let counter_keypair = load_counter_keypair()?; 33 | 34 | let create_account_instruction = create_account( 35 | &payer_pubkey, 36 | &DCAP_COUNTER_PUBKEY, 37 | rent_exempt_lamports, 38 | space as u64, 39 | &DCAP_PROGRAM_ID, 40 | ); 41 | 42 | let mut tx = Transaction::new_with_payer(&[create_account_instruction], Some(&payer_pubkey)); 43 | tx.sign(&[&payer, &counter_keypair], client.get_latest_blockhash()?); 44 | let sig = client.send_and_confirm_transaction(&tx)?; 45 | println!("Counter account created, tx sig: {}", sig.to_string()); 46 | 47 | Ok(()) 48 | } 49 | 50 | fn load_payer() -> Result { 51 | // Warning: home_dir() is not correct for Windows OS 52 | let mut keypair_dir = env::home_dir().unwrap(); 53 | 54 | keypair_dir.push(".config"); 55 | keypair_dir.push("solana"); 56 | keypair_dir.push("id.json"); 57 | 58 | let keypair_read = fs::read_to_string(keypair_dir)?; 59 | let keypair_vec: Vec = serde_json::from_str(keypair_read.as_str())?; 60 | 61 | Ok(Keypair::from_bytes(&keypair_vec)?) 62 | } 63 | 64 | fn load_counter_keypair() -> Result { 65 | let keypair_dir = PathBuf::from(format!( 66 | "{}/../automata-dcap-program/keypair/{}.json", 67 | env::var("CARGO_MANIFEST_DIR").expect("Invalid cargo manifest env value"), 68 | DCAP_COUNTER_PUBKEY.to_string() 69 | )); 70 | 71 | let keypair_read = fs::read_to_string(keypair_dir)?; 72 | let keypair_vec: Vec = serde_json::from_str(keypair_read.as_str())?; 73 | 74 | Ok(Keypair::from_bytes(&keypair_vec)?) 75 | } 76 | -------------------------------------------------------------------------------- /solana/automata-dcap-client/src/create.rs: -------------------------------------------------------------------------------- 1 | use anyhow::Result; 2 | use borsh::BorshSerialize; 3 | use solana_rpc_client::rpc_client::RpcClient; 4 | use solana_sdk::{ 5 | instruction::{AccountMeta, Instruction}, 6 | pubkey::Pubkey, 7 | system_program, sysvar 8 | }; 9 | 10 | use crate::{derive_output_account, get_current_count, DCAP_COUNTER_PUBKEY, DCAP_PROGRAM_ID}; 11 | 12 | pub fn create_output_account_instruction( 13 | rpc_client: &RpcClient, 14 | from: &Pubkey, 15 | verified_output: &[u8], 16 | ) -> Result { 17 | let current_count = get_current_count(rpc_client)?; 18 | let (pda_derived, _) = derive_output_account(current_count); 19 | 20 | let mut instruction_data: Vec = vec![]; 21 | (from, verified_output).serialize(&mut instruction_data)?; 22 | instruction_data = [vec![0], instruction_data].concat(); 23 | 24 | Ok(Instruction::new_with_bytes( 25 | DCAP_PROGRAM_ID, 26 | &instruction_data, 27 | vec![ 28 | AccountMeta::new(from.clone(), true), 29 | AccountMeta::new(DCAP_COUNTER_PUBKEY, false), 30 | AccountMeta::new(pda_derived, false), 31 | AccountMeta::new_readonly(system_program::ID, false), 32 | AccountMeta::new_readonly(sysvar::rent::ID, false), 33 | ], 34 | )) 35 | } 36 | -------------------------------------------------------------------------------- /solana/automata-dcap-client/src/delete.rs: -------------------------------------------------------------------------------- 1 | use solana_sdk::{ 2 | instruction::{AccountMeta, Instruction}, 3 | pubkey::Pubkey, 4 | system_program 5 | }; 6 | 7 | use crate::{derive_output_account, DCAP_PROGRAM_ID}; 8 | 9 | pub fn delete_output_account_instruction(from: &Pubkey, index: u64) -> Instruction { 10 | let index_serialized = u64::to_le_bytes(index); 11 | let instruction_data: Vec = [vec![2], index_serialized.to_vec()].concat(); 12 | let (output_pubkey, _) = derive_output_account(index); 13 | 14 | Instruction::new_with_bytes( 15 | DCAP_PROGRAM_ID, 16 | &instruction_data, 17 | vec![ 18 | AccountMeta::new(from.clone(), true), 19 | AccountMeta::new(output_pubkey, false), 20 | AccountMeta::new_readonly(system_program::ID, false), 21 | ], 22 | ) 23 | } -------------------------------------------------------------------------------- /solana/automata-dcap-client/src/lib.rs: -------------------------------------------------------------------------------- 1 | pub mod create; 2 | pub mod delete; 3 | pub mod verify; 4 | 5 | use anyhow::{Error, Result}; 6 | use solana_rpc_client::rpc_client::RpcClient; 7 | use solana_sdk::{pubkey, pubkey::Pubkey, signature::Signature}; 8 | use solana_transaction_status_client_types::UiTransactionEncoding; 9 | 10 | pub const DCAP_COUNTER_PUBKEY: Pubkey = pubkey!("DcapH8Bt1y6MQHE1hR2Rp1WEBeWfog2Kh9UxtG8UMaNu"); 11 | pub const DCAP_PROGRAM_ID: Pubkey = pubkey!("DcapE9GZZ2KSu6udeW1pVdmqBAHP9NMBLBrxUUYdw1Qk"); 12 | 13 | // gets the current u64 index from the counter. 14 | pub fn get_current_count(rpc_client: &RpcClient) -> Result { 15 | let counter_account_data = rpc_client.get_account_data(&DCAP_COUNTER_PUBKEY)?; 16 | if counter_account_data.len() != 8 { 17 | return Err(Error::msg("Invalid u64 count data")); 18 | } 19 | let current_count = u64::from_le_bytes(counter_account_data[..8].try_into()?); 20 | Ok(current_count) 21 | } 22 | 23 | // computes the PDA account address and canonical bump seed with the given index number 24 | pub fn derive_output_account(index: u64) -> (Pubkey, u8) { 25 | let seeds: &[&[u8]] = &[b"automata-dcap", &u64::to_le_bytes(index)]; 26 | 27 | Pubkey::find_program_address(seeds, &DCAP_PROGRAM_ID) 28 | } 29 | 30 | // parse the account creation transaction to get the index from logs 31 | pub fn get_index_from_create_output_account( 32 | client: &RpcClient, 33 | tx_signature: &Signature, 34 | ) -> Result { 35 | let tx = client.get_transaction(tx_signature, UiTransactionEncoding::Json)?; 36 | 37 | let logs = tx 38 | .transaction 39 | .meta 40 | .unwrap() 41 | .log_messages 42 | .expect("Missing logs"); 43 | 44 | // TEMP: This is assuming that `CreateOutputAccount` is the ONLY instruction in the transaction 45 | // We might need to add a magic string that we could use to easily locate and identify the Counter ID logs 46 | // But then again, Solana runtime doesn't specify the program ID that is emitting the logs... 47 | // So if there are other instructions calling a different program that emits log with our magic string 48 | // Then there is no way we can tell where is it coming from... :( 49 | let index_log = &logs[3]; 50 | let parts: Vec<&str> = index_log.split("ID: ").collect(); 51 | if parts.len() != 2 { 52 | return Err(Error::msg("Invalid log format")); 53 | } 54 | let id_str = parts[1]; 55 | 56 | Ok(id_str.parse()?) 57 | } 58 | -------------------------------------------------------------------------------- /solana/automata-dcap-client/src/verify.rs: -------------------------------------------------------------------------------- 1 | use anyhow::{Error, Result}; 2 | use borsh::BorshSerialize; 3 | use solana_sdk::{ 4 | instruction::{AccountMeta, Instruction}, 5 | pubkey, 6 | pubkey::Pubkey, 7 | system_program 8 | }; 9 | 10 | use crate::{derive_output_account, DCAP_PROGRAM_ID}; 11 | 12 | pub const RISC0_GROTH16_VERIFIER_ADDR: Pubkey = 13 | pubkey!("5HrF6mJAaSFdAym2xZixowzVifPyyzTuTs3viYKdjy4s"); 14 | pub const SP1_DCAP_GROTH16_VERIFIER_ADDR: Pubkey = 15 | pubkey!("2LUaFQTJ7F96A5x1z5sXfbDPM2asGnrQ2hsE6zVDMhXZ"); 16 | 17 | #[derive(Debug, Clone, Copy, BorshSerialize)] 18 | #[repr(u8)] 19 | pub enum ZkvmSelector { 20 | None, 21 | RiscZero, 22 | SP1, 23 | } 24 | 25 | pub fn verify_proof_instruction( 26 | index: u64, 27 | zkvm: ZkvmSelector, 28 | proof_bytes: &[u8], 29 | ) -> Result { 30 | let (pda_derived, _) = derive_output_account(index); 31 | 32 | let mut instruction_data: Vec = vec![]; 33 | (zkvm, proof_bytes).serialize(&mut instruction_data)?; 34 | instruction_data = [vec![1], instruction_data].concat(); 35 | 36 | let verifier_pubkey = match zkvm { 37 | ZkvmSelector::RiscZero => RISC0_GROTH16_VERIFIER_ADDR, 38 | ZkvmSelector::SP1 => SP1_DCAP_GROTH16_VERIFIER_ADDR, 39 | _ => { 40 | return Err(Error::msg("Unknown ZkVM selected")); 41 | } 42 | }; 43 | 44 | Ok(Instruction::new_with_bytes( 45 | DCAP_PROGRAM_ID, 46 | &instruction_data, 47 | vec![ 48 | AccountMeta::new(pda_derived, false), 49 | AccountMeta::new_readonly(verifier_pubkey, false), 50 | AccountMeta::new_readonly(system_program::ID, false), 51 | ], 52 | )) 53 | } 54 | -------------------------------------------------------------------------------- /solana/docs/images/DCAP Solana Diagram.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/automata-network/automata-dcap-attestation/0dff913234f0d857c8d66786b5077405ca05e5ca/solana/docs/images/DCAP Solana Diagram.jpg -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "automata-dcap-program" 3 | version.workspace = true 4 | edition.workspace = true 5 | authors.workspace = true 6 | homepage.workspace = true 7 | license.workspace = true 8 | 9 | [lib] 10 | name = "automata_dcap_program" 11 | crate-type = ["cdylib", "lib"] 12 | 13 | [dependencies] 14 | solana-program = { workspace = true } 15 | anyhow = { workspace = true } 16 | borsh = { workspace = true } 17 | sha2 = { workspace = true } 18 | 19 | [features] 20 | no-entrypoint = [] 21 | 22 | [dev-dependencies] 23 | solana-program-test = { version = "=2.1.6" } 24 | solana-sdk = { workspace = true } 25 | hex = { workspace = true } -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/README.md: -------------------------------------------------------------------------------- 1 | # Automata DCAP Solana Program Guide 2 | 3 | To interact with the program, you must install the following on your machine: 4 | 5 | - [Rust](https://www.rust-lang.org/tools/install) 6 | 7 | - [Solana CLI](https://solana.com/docs/intro/installation) 👉 `v2.1.6` or above 8 | 9 | **Note**: You do not need to install Anchor for this program. 10 | 11 | If this is your first time using Solana on your machine, we recommend checking out the [Solana CLI Basics](https://solana.com/docs/intro/installation#solana-cli-basics) guide. 12 | 13 | --- 14 | 15 | ## Build, Test and Deploy the Program 16 | 17 | Build the program with: 18 | 19 | ```bash 20 | cargo build-sbf 21 | ``` 22 | 23 | Run all tests with: 24 | 25 | ```bash 26 | cargo test-sbf 27 | ``` 28 | 29 | Cargo runs all tests in parallel, and it can get messy with your terminal filling up with logs that can be hard to track. 30 | 31 | We recommend running each test individually. 32 | 33 | ```bash 34 | cargo test-sbf 35 | ``` 36 | 37 | To deploy the program yourself, you must first generate the keypairs for both the program and counter accounts. This requires changes to be made on the constant values at `automata-dcap-program/src/lib.rs` and `automata-dcap-client/src/lib.rs`. 38 | 39 | Run the command below to deploy the program: 40 | 41 | ```bash 42 | solana program deploy --program-id --url [`devnet` || `mainnet-beta` || `localhost`] 43 | ``` 44 | 45 | After deployment of the program, you would need to create the `Counter` account. 46 | 47 | ```bash 48 | SOLANA_RPC_URL= cargo run --bin counter 49 | ``` 50 | 51 | --- 52 | 53 | To learn more about integrating the client into your Rust code, click [here](../../automata-dcap-client/README.md) to read the guide. -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/entrypoint.rs: -------------------------------------------------------------------------------- 1 | use crate::{instruction::ProgramInstruction, processor::process}; 2 | use solana_program::{ 3 | account_info::AccountInfo, entrypoint, entrypoint::ProgramResult, pubkey::Pubkey, 4 | }; 5 | 6 | #[cfg(not(feature = "no-entrypoint"))] 7 | entrypoint!(process_instruction); 8 | 9 | pub fn process_instruction( 10 | program_id: &Pubkey, 11 | accounts: &[AccountInfo], 12 | instruction_data: &[u8], 13 | ) -> ProgramResult { 14 | let instruction = ProgramInstruction::unpack(instruction_data).unwrap(); 15 | process(program_id, accounts, instruction) 16 | } 17 | -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/error.rs: -------------------------------------------------------------------------------- 1 | use solana_program::program_error::ProgramError; 2 | 3 | #[derive(Debug)] 4 | pub enum DcapProgramError { 5 | /// The required signer is not provided in the instruction 6 | MissingRequiredSigner, 7 | /// The program is not the owner of the provided account 8 | InvalidAccountOwner, 9 | /// The provided account does not contain expected data 10 | InvalidAccountData, 11 | /// The provided zkvm selector does not match with a known zkVM 12 | UnknownZkVm, 13 | /// The proof fails to verify 14 | ProofVerificationFailure, 15 | /// The provided account does not match with a known account address 16 | AccountMismatch 17 | } 18 | 19 | impl From for ProgramError { 20 | fn from(error: DcapProgramError) -> Self { 21 | ProgramError::Custom(error as u32) 22 | } 23 | } -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/instruction.rs: -------------------------------------------------------------------------------- 1 | use anyhow::Result; 2 | use borsh::BorshDeserialize; 3 | use solana_program::{program_error::ProgramError, pubkey::Pubkey}; 4 | 5 | #[derive(Debug)] 6 | pub enum ProgramInstruction { 7 | CreateDcapOutputAccount { 8 | close_authority: Pubkey, 9 | verified_output: Vec, 10 | }, 11 | VerifyDcapProof { 12 | zkvm_selector: u8, 13 | proof_bytes: Vec, 14 | }, 15 | DeleteDcapOutputAccount([u8; 8]) 16 | } 17 | 18 | impl ProgramInstruction { 19 | pub fn unpack(instruction_data: &[u8]) -> Result { 20 | let (&tag, mut data) = instruction_data 21 | .split_first() 22 | .ok_or(ProgramError::InvalidInstructionData)?; 23 | 24 | let instruction = match tag { 25 | 0 => { 26 | let (close_authority, verified_output) = 27 | <(Pubkey, Vec)>::deserialize(&mut data)?; 28 | Self::CreateDcapOutputAccount { 29 | close_authority, 30 | verified_output, 31 | } 32 | } 33 | 1 => { 34 | let (zkvm_selector, proof_bytes) = <(u8, Vec)>::deserialize(&mut data)?; 35 | Self::VerifyDcapProof { 36 | zkvm_selector, 37 | proof_bytes, 38 | } 39 | } 40 | 2 => { 41 | let output_id = data[..8].try_into()?; 42 | Self::DeleteDcapOutputAccount(output_id) 43 | }, 44 | _ => { 45 | return Err(ProgramError::InvalidInstructionData.into()); 46 | } 47 | }; 48 | 49 | Ok(instruction) 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/lib.rs: -------------------------------------------------------------------------------- 1 | pub mod entrypoint; 2 | pub mod instruction; 3 | pub mod state; 4 | pub mod processor; 5 | pub mod error; 6 | 7 | pub const DCAP_COUNTER_ADDR: &str = "DcapH8Bt1y6MQHE1hR2Rp1WEBeWfog2Kh9UxtG8UMaNu"; 8 | pub const RISC0_GROTH16_VERIFIER_ADDR: &str = "5HrF6mJAaSFdAym2xZixowzVifPyyzTuTs3viYKdjy4s"; 9 | pub const SP1_DCAP_GROTH16_VERIFIER_ADDR: &str = "2LUaFQTJ7F96A5x1z5sXfbDPM2asGnrQ2hsE6zVDMhXZ"; 10 | 11 | #[cfg(test)] 12 | mod tests; -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/processor/risc0.rs: -------------------------------------------------------------------------------- 1 | pub const DCAP_IMAGE_ID: [u8; 32] = [ 2 | 194, 234, 254, 27, 160, 22, 16, 243, 183, 18, 129, 249, 221, 50, 128, 179, 61, 151, 55, 11, 3 | 182, 141, 58, 218, 41, 37, 211, 145, 190, 36, 94, 16, 4 | ]; 5 | 6 | pub const RISCZERO_GROTH16_VERIFY_INSTRUCTION_DISCRIMINATOR: [u8; 8] = 7 | [133, 161, 141, 48, 120, 198, 88, 150]; -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/processor/sp1.rs: -------------------------------------------------------------------------------- 1 | use borsh::{BorshDeserialize, BorshSerialize}; 2 | 3 | #[derive(BorshDeserialize, BorshSerialize)] 4 | pub struct SP1Groth16Proof { 5 | pub proof: Vec, 6 | /// SHA256 of the public inputs 7 | pub sp1_public_inputs_hash: Vec, 8 | } -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/state.rs: -------------------------------------------------------------------------------- 1 | use borsh::{BorshSerialize, BorshDeserialize}; 2 | use solana_program::pubkey::Pubkey; 3 | 4 | #[derive(Debug, BorshSerialize, BorshDeserialize)] 5 | pub struct CounterAccountData { 6 | count: u64 7 | } 8 | 9 | impl CounterAccountData { 10 | pub fn new() -> Self { 11 | CounterAccountData {count: 0} 12 | } 13 | 14 | pub fn increment(&mut self) { 15 | self.count += 1; 16 | } 17 | 18 | pub fn current_count(&self) -> u64 { 19 | self.count 20 | } 21 | } 22 | 23 | #[derive(Debug, BorshSerialize, BorshDeserialize)] 24 | pub struct OutputAccountData { 25 | pub close_authority: Pubkey, 26 | pub verified: bool, 27 | pub output: Vec 28 | } -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/tests/counter.rs: -------------------------------------------------------------------------------- 1 | use super::setup_test; 2 | use borsh::BorshDeserialize; 3 | use solana_program_test::tokio; 4 | use solana_sdk::account::ReadableAccount; 5 | 6 | use crate::state::CounterAccountData; 7 | 8 | #[tokio::test] 9 | async fn test_counter_account_creation() { 10 | let test_env = setup_test().await; 11 | let counter_account = test_env 12 | .banks_client 13 | .get_account(test_env.counter_account) 14 | .await 15 | .unwrap() 16 | .unwrap(); 17 | let counter_account_data = counter_account.data.clone(); 18 | 19 | // check account owner 20 | assert_eq!(counter_account.owner, test_env.program_id); 21 | 22 | // check account data size 23 | assert_eq!(counter_account_data.len(), 8usize); 24 | 25 | // check account should not be executable 26 | assert!(!counter_account.executable()); 27 | 28 | // check account data 29 | let counter_account_state = 30 | CounterAccountData::deserialize(&mut counter_account_data.as_slice()).unwrap(); 31 | assert_eq!(counter_account_state.current_count(), 0u64); 32 | } 33 | -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/tests/delete.rs: -------------------------------------------------------------------------------- 1 | use super::{setup_test, store_verified_output, TestEnv}; 2 | use anyhow::Result; 3 | use solana_program_test::tokio; 4 | use solana_sdk::{ 5 | instruction::{AccountMeta, Instruction}, 6 | pubkey::Pubkey, 7 | signer::Signer, 8 | system_program, 9 | transaction::Transaction, 10 | }; 11 | 12 | #[tokio::test] 13 | async fn test_delete_output_account() { 14 | let test_env = setup_test().await; 15 | 16 | // these outputs can be obtained from the autaomta-dcap-zkvm-cli repo. 17 | // see: https://github.com/automata-network/automata-dcap-zkvm-cli/ 18 | 19 | let verified_output_bytes = hex::decode("02550004000000810790c06f000000040102000000000000000000000000009790d89a10210ec6968a773cee2ca05b5aa97309f36727a968527be4606fc19e6f73acce350946c9d46a9bf7a63f843000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000080e702060000000000f2dd2696f69b950645832bdc095ffd11247eeff687eeacdb57a58d2ddb9a9f94fea40c961e19460c00ffa31420ecbc180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000998204508d58dcbfebe5e11c48669f7a921ac2da744dfb7d014ecdff2acdff1c9f665fdad52aadacf296a1df9909eb2383d100224f1716aeb431f7cb3cf028197dbd872487f27b0f6329ab17647dc9953c7014109818634f879e6550bc60f93eecfc42ff4d49278bfdbb0c77e570f4490cff10a2ee1ac11fbd2c2b49fa6cfa3cf1a1cb755c72522dd8a689e9d47906a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000278e753482976c8a7351fe2113609c7350d491cdae3d449eefc202fa41b2ad6840239cc2ba084c2d594b4e6dabeae0fcbf71c96daf0d0c9ecf0e9810c045790000000000678a107443c84ad5632ba264b434183c560d14b33b444e1e70b97a48d2d0cc66a5abae0b0de0b5aae34431815b937f711d928b600cd16c8e239e4d0745c138192e1ab4880fa74a3f32c80b978c8ad671395dabf24283eef9091bc3919fd39b9915a87f1adf3061c165c0191e2658256a2855cac9267f179aafb1990c9e918d6452816adf9953f245d005b9d7d8e36a842a60b51e5cf85b2c2072ae397c178535c9985b77e9c390c66c953d010f6cfea08cf5280cbb312b0648e0c968bbd2eeeb72af0f9f").unwrap(); 20 | 21 | // store verified output 22 | let stored = store_verified_output(&test_env, &verified_output_bytes).await; 23 | assert!(stored.is_ok()); 24 | 25 | // check output account state 26 | let output_pda_pubkey = stored.unwrap(); 27 | let output_pda_account = test_env 28 | .banks_client 29 | .get_account(output_pda_pubkey.clone()) 30 | .await 31 | .unwrap() 32 | .unwrap(); 33 | 34 | let mut payer_account = test_env 35 | .banks_client 36 | .get_account(test_env.payer_keypair.pubkey().clone()) 37 | .await 38 | .unwrap() 39 | .unwrap(); 40 | 41 | let output_pda_rent_exempt_lamports_before = output_pda_account.lamports; 42 | let payer_account_lamports_before = payer_account.lamports; 43 | 44 | assert!(delete_output_account(&test_env, 0, &output_pda_pubkey) 45 | .await 46 | .is_ok()); 47 | 48 | // output_pda_account has been deleted 49 | let output_pda_account_is_none = test_env 50 | .banks_client 51 | .get_account(output_pda_pubkey.clone()) 52 | .await 53 | .unwrap() 54 | .is_none(); 55 | assert!(output_pda_account_is_none); 56 | 57 | payer_account = test_env 58 | .banks_client 59 | .get_account(test_env.payer_keypair.pubkey().clone()) 60 | .await 61 | .unwrap() 62 | .unwrap(); 63 | let payer_account_lamports_after = payer_account.lamports; 64 | let payer_account_lamports_diff = payer_account_lamports_after - payer_account_lamports_before; 65 | assert_eq!( 66 | payer_account_lamports_diff, 67 | output_pda_rent_exempt_lamports_before - 5000 // 5000 lamports paid for txn fee 68 | ); 69 | } 70 | 71 | async fn delete_output_account(env: &TestEnv, index: u64, output_pubkey: &Pubkey) -> Result<()> { 72 | let index_serialized = u64::to_le_bytes(index); 73 | 74 | let payer_pubkey = env.payer_keypair.pubkey().clone(); 75 | let program_id = env.program_id.clone(); 76 | 77 | let instruction_data: Vec = [vec![2], index_serialized.to_vec()].concat(); 78 | 79 | let instruction = Instruction::new_with_bytes( 80 | program_id, 81 | &instruction_data, 82 | vec![ 83 | AccountMeta::new(payer_pubkey, true), 84 | AccountMeta::new(output_pubkey.clone(), false), 85 | AccountMeta::new_readonly(system_program::ID, false), 86 | ], 87 | ); 88 | 89 | let recent_blockhash = &env.banks_client.get_latest_blockhash().await?; 90 | 91 | let mut tx = Transaction::new_with_payer(&[instruction], Some(&payer_pubkey)); 92 | tx.sign(&[&env.payer_keypair], *recent_blockhash); 93 | env.banks_client.process_transaction(tx).await?; 94 | 95 | Ok(()) 96 | } 97 | -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/tests/fixtures/dcap_sp1_program.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/automata-network/automata-dcap-attestation/0dff913234f0d857c8d66786b5077405ca05e5ca/solana/programs/automata-dcap-program/src/tests/fixtures/dcap_sp1_program.so -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/tests/fixtures/groth_16_verifier.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/automata-network/automata-dcap-attestation/0dff913234f0d857c8d66786b5077405ca05e5ca/solana/programs/automata-dcap-program/src/tests/fixtures/groth_16_verifier.so -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/tests/risc0.rs: -------------------------------------------------------------------------------- 1 | use super::{get_current_count, send_proof_to_verify, setup_test, store_verified_output}; 2 | use crate::state::OutputAccountData; 3 | use borsh::BorshDeserialize; 4 | use solana_program_test::tokio; 5 | use solana_sdk::signer::Signer; 6 | 7 | /// Consumed 363k CU 8 | #[tokio::test] 9 | async fn test_risc0_dcap_verifier() { 10 | 11 | let test_env = setup_test().await; 12 | 13 | // these outputs can be obtained from the autaomta-dcap-zkvm-cli repo. 14 | // see: https://github.com/automata-network/automata-dcap-zkvm-cli/ 15 | 16 | let proof_bytes = hex::decode("1850aa52559f1d4a858a48b788b52bdd963888e29465a59ca4dace241ad1aeef2b1796d0acb6ea9f4d77a60a0555f28c85867e62b91ac8d0473ff017c88883da077c6be0d1140a77f0ab695679470472cc32f55ebdcf735e9d52ff4a53d3b685020772e77e8e94578796fd6cc122420a77c1c0ba8dff1c6e07e53e30da46d483147732f37ffb72fda399256a551beb49da688ea7cbdcf268fbc15695c3db42a40569e5093c75654a1390cb1fe9c57c360a8f338f66d61ae1115d4584faecc36f238a9eb4cfecea8d3e4995a354dbe5c4bc12db6a12da41e376931548110fb3c008c01d08cf9e8afb7fe661befbb5afce139c9a1ba1b6c10562645ce60954ab48").unwrap(); 17 | let verified_output_bytes = hex::decode("02550004000000810790c06f000000040102000000000000000000000000009790d89a10210ec6968a773cee2ca05b5aa97309f36727a968527be4606fc19e6f73acce350946c9d46a9bf7a63f843000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000080e702060000000000f2dd2696f69b950645832bdc095ffd11247eeff687eeacdb57a58d2ddb9a9f94fea40c961e19460c00ffa31420ecbc180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000998204508d58dcbfebe5e11c48669f7a921ac2da744dfb7d014ecdff2acdff1c9f665fdad52aadacf296a1df9909eb2383d100224f1716aeb431f7cb3cf028197dbd872487f27b0f6329ab17647dc9953c7014109818634f879e6550bc60f93eecfc42ff4d49278bfdbb0c77e570f4490cff10a2ee1ac11fbd2c2b49fa6cfa3cf1a1cb755c72522dd8a689e9d47906a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000278e753482976c8a7351fe2113609c7350d491cdae3d449eefc202fa41b2ad6840239cc2ba084c2d594b4e6dabeae0fcbf71c96daf0d0c9ecf0e9810c04579000000000067a1c97526bfe4de343d160db8c6e91dfa058e2669f130a165acdf3d29ddbcead7ae195e472509cb7f6530561a16654d93b5c51206af4a6a874d59f8da5d5f93e25496040fa74a3f32c80b978c8ad671395dabf24283eef9091bc3919fd39b9915a87f1adf3061c165c0191e2658256a2855cac9267f179aafb1990c9e918d6452816adf9953f245d005b9d7d8e36a842a60b51e5cf85b2c2072ae397c178535c9985b77ddda10bf8d35a769eecc37227eccfc994fe037229a6eef201cf84a14cbf472b9").unwrap(); 18 | 19 | // store verified output 20 | let stored = store_verified_output(&test_env, &verified_output_bytes).await; 21 | assert!(stored.is_ok()); 22 | 23 | // check counter account state 24 | assert_eq!(get_current_count(&test_env).await.unwrap(), 1u64); 25 | 26 | // check output account state 27 | let output_pda_pubkey = stored.unwrap(); 28 | let mut output_pda_account = test_env 29 | .banks_client 30 | .get_account(output_pda_pubkey.clone()) 31 | .await 32 | .unwrap() 33 | .unwrap(); 34 | let mut output_pda_account_state = 35 | OutputAccountData::deserialize(&mut output_pda_account.data.as_slice()).unwrap(); 36 | 37 | // check account owner 38 | assert_eq!(output_pda_account.owner, test_env.program_id); 39 | 40 | // check account data 41 | assert_eq!(output_pda_account_state.verified, false); 42 | assert_eq!( 43 | output_pda_account_state.close_authority, 44 | test_env.payer_keypair.pubkey() 45 | ); 46 | assert_eq!(output_pda_account_state.output, verified_output_bytes); 47 | 48 | assert!(send_proof_to_verify(&test_env, 0, 1, &proof_bytes) 49 | .await 50 | .is_ok()); 51 | 52 | // check output account state 53 | output_pda_account = test_env 54 | .banks_client 55 | .get_account(output_pda_pubkey.clone()) 56 | .await 57 | .unwrap() 58 | .unwrap(); 59 | output_pda_account_state = 60 | OutputAccountData::deserialize(&mut output_pda_account.data.as_slice()).unwrap(); 61 | 62 | assert_eq!(output_pda_account_state.verified, true); 63 | } 64 | -------------------------------------------------------------------------------- /solana/programs/automata-dcap-program/src/tests/sp1.rs: -------------------------------------------------------------------------------- 1 | use super::{get_current_count, send_proof_to_verify, setup_test, store_verified_output}; 2 | use crate::state::OutputAccountData; 3 | use borsh::BorshDeserialize; 4 | use solana_program_test::tokio; 5 | use solana_sdk::signer::Signer; 6 | 7 | // Consumed 363k CU 8 | #[tokio::test] 9 | async fn test_sp1_dcap_verifier() { 10 | let test_env = setup_test().await; 11 | 12 | // these outputs can be obtained from the autaomta-dcap-zkvm-cli repo. 13 | // see: https://github.com/automata-network/automata-dcap-zkvm-cli/ 14 | 15 | let verified_output_bytes = hex::decode("02550004000000810790c06f000000040102000000000000000000000000009790d89a10210ec6968a773cee2ca05b5aa97309f36727a968527be4606fc19e6f73acce350946c9d46a9bf7a63f843000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000080e702060000000000f2dd2696f69b950645832bdc095ffd11247eeff687eeacdb57a58d2ddb9a9f94fea40c961e19460c00ffa31420ecbc180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000998204508d58dcbfebe5e11c48669f7a921ac2da744dfb7d014ecdff2acdff1c9f665fdad52aadacf296a1df9909eb2383d100224f1716aeb431f7cb3cf028197dbd872487f27b0f6329ab17647dc9953c7014109818634f879e6550bc60f93eecfc42ff4d49278bfdbb0c77e570f4490cff10a2ee1ac11fbd2c2b49fa6cfa3cf1a1cb755c72522dd8a689e9d47906a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000278e753482976c8a7351fe2113609c7350d491cdae3d449eefc202fa41b2ad6840239cc2ba084c2d594b4e6dabeae0fcbf71c96daf0d0c9ecf0e9810c04579000000000067a1dbde26bfe4de343d160db8c6e91dfa058e2669f130a165acdf3d29ddbcead7ae195e472509cb7f6530561a16654d93b5c51206af4a6a874d59f8da5d5f93e25496040fa74a3f32c80b978c8ad671395dabf24283eef9091bc3919fd39b9915a87f1adf3061c165c0191e2658256a2855cac9267f179aafb1990c9e918d6452816adf9953f245d005b9d7d8e36a842a60b51e5cf85b2c2072ae397c178535c9985b77ddda10bf8d35a769eecc37227eccfc994fe037229a6eef201cf84a14cbf472b9").unwrap(); 16 | let proof_bytes = hex::decode("11b6a09d247a10eea2c2409da769d64665b59671c68dece9198374308d667c5c7adc161a13c5dded6b7e88cec9d0fef3fd0d5ded4adc10d1e3430fc8d681a86e53387c2b02e20b554bc99bdca457e5cf792a9c5c1a0bfdaed725d22d41915f346b9eb7b621a39ad875adc029dc896ed63e2f5375c191dd69adb3ab5dd76953c04feab424067389d4acdb37e34abf6710e58f41f380409d8fef9b65f448f1648d1521a5f61d8f8af5bdbde06a613a84caa6c746fd22152ca39e2a8096541bdba87eb12ca60ce6e4ba1ece864d47c3e53a9c61b3fd63abb9c2deafa3b369ef59cb16d0c6e30ce33c6404bf695e99150f5fcb072559df13af89e78232c53c5fc0a574bdede7").unwrap(); 17 | 18 | // store verified output 19 | let stored = store_verified_output(&test_env, &verified_output_bytes).await; 20 | assert!(stored.is_ok()); 21 | 22 | // check counter account state 23 | assert_eq!(get_current_count(&test_env).await.unwrap(), 1u64); 24 | 25 | // check output account state 26 | let output_pda_pubkey = stored.unwrap(); 27 | let mut output_pda_account = test_env 28 | .banks_client 29 | .get_account(output_pda_pubkey.clone()) 30 | .await 31 | .unwrap() 32 | .unwrap(); 33 | let mut output_pda_account_state = 34 | OutputAccountData::deserialize(&mut output_pda_account.data.as_slice()).unwrap(); 35 | 36 | // check account owner 37 | assert_eq!(output_pda_account.owner, test_env.program_id); 38 | 39 | // check account data 40 | assert_eq!(output_pda_account_state.verified, false); 41 | assert_eq!( 42 | output_pda_account_state.close_authority, 43 | test_env.payer_keypair.pubkey() 44 | ); 45 | assert_eq!(output_pda_account_state.output, verified_output_bytes); 46 | 47 | assert!(send_proof_to_verify(&test_env, 0, 2, &proof_bytes) 48 | .await 49 | .is_ok()); 50 | 51 | // check output account state 52 | output_pda_account = test_env 53 | .banks_client 54 | .get_account(output_pda_pubkey.clone()) 55 | .await 56 | .unwrap() 57 | .unwrap(); 58 | output_pda_account_state = 59 | OutputAccountData::deserialize(&mut output_pda_account.data.as_slice()).unwrap(); 60 | 61 | assert_eq!(output_pda_account_state.verified, true); 62 | } 63 | -------------------------------------------------------------------------------- /solana/programs/dcap-sp1-solana-program/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "dcap-sp1-solana-program" 3 | version = { workspace = true } 4 | edition = { workspace = true } 5 | authors = { workspace = true } 6 | homepage = { workspace = true } 7 | license = { workspace = true } 8 | 9 | [lib] 10 | crate-type = ["cdylib", "lib"] 11 | 12 | [dependencies] 13 | borsh = { workspace = true } 14 | solana-program = { workspace = true } 15 | sp1-solana = { git = "https://github.com/succinctlabs/sp1-solana" } 16 | hex = { workspace = true } 17 | sha2 = { workspace = true } 18 | 19 | [features] 20 | no-entrypoint = [] -------------------------------------------------------------------------------- /solana/programs/dcap-sp1-solana-program/src/lib.rs: -------------------------------------------------------------------------------- 1 | use borsh::{BorshDeserialize, BorshSerialize}; 2 | use sha2::{Digest, Sha256}; 3 | use solana_program::{ 4 | account_info::AccountInfo, entrypoint::ProgramResult, msg, program_error::ProgramError, 5 | pubkey::Pubkey, 6 | }; 7 | use sp1_solana::verify_proof_raw; 8 | 9 | #[cfg(not(feature = "no-entrypoint"))] 10 | solana_program::entrypoint!(process_instruction); 11 | 12 | #[derive(BorshDeserialize, BorshSerialize)] 13 | pub struct SP1Groth16Proof { 14 | pub proof: Vec, 15 | /// SHA256 of the public inputs 16 | pub sp1_public_inputs_hash: Vec, 17 | } 18 | 19 | pub const DCAP_VKEY_HASH: &str = 20 | "0x004be684aaf90b70fb2d8f586ec96c36cee5f6533850b14e8b5568f4dbf31f8e"; 21 | 22 | pub fn process_instruction( 23 | _program_id: &Pubkey, 24 | _accounts: &[AccountInfo], 25 | instruction_data: &[u8], 26 | ) -> ProgramResult { 27 | // Deserialize the SP1Groth16Proof from the instruction data. 28 | let mut groth16_proof = SP1Groth16Proof::try_from_slice(instruction_data) 29 | .map_err(|_| ProgramError::InvalidInstructionData)?; 30 | 31 | // Get the SP1 Groth16 verification key from the `sp1-solana` crate. 32 | let sp1_verifier_vk = sp1_solana::GROTH16_VK_4_0_0_RC3_BYTES; 33 | 34 | // Get the first 4 bytes of the hash 35 | let sp1_verifier_vk_hash_prefix: [u8; 4] = 36 | Sha256::digest(sp1_verifier_vk)[..4].try_into().unwrap(); 37 | 38 | // first, we need to zero out the first 3 bits of the hash 39 | let committed_values_digest = 40 | preprocess_public_inputs_hash(groth16_proof.sp1_public_inputs_hash.as_mut_slice()); 41 | 42 | // next, we need to use the vkey hash and then processed input hash to generate the groth16 public input 43 | let groth16_public_inputs = groth16_public_values(&committed_values_digest); 44 | 45 | // Check the proof selector to match with SP1 V4 Groth16 VK Hash 46 | if sp1_verifier_vk_hash_prefix != groth16_proof.proof[..4] { 47 | return Err(ProgramError::InvalidInstructionData); 48 | } 49 | 50 | // Verify the proof. 51 | verify_proof_raw( 52 | &groth16_proof.proof[4..], 53 | &groth16_public_inputs, 54 | sp1_verifier_vk, 55 | ) 56 | .map_err(|_| ProgramError::InvalidAccountData)?; 57 | 58 | msg!("Successfully verified proof!"); 59 | 60 | Ok(()) 61 | } 62 | 63 | fn preprocess_public_inputs_hash(sp1_public_inputs_hash: &mut [u8]) -> [u8; 32] { 64 | // The Groth16 verifier operates over a 254 bit field (BN254), so we need to zero 65 | // out the first 3 bits. The same logic happens in the SP1 Ethereum verifier contract. 66 | sp1_public_inputs_hash[0] = sp1_public_inputs_hash[0] & 0x1F; 67 | 68 | sp1_public_inputs_hash[0..32] 69 | .try_into() 70 | .expect("Invalid public input hash") 71 | } 72 | 73 | /// Formats the sp1 vkey hash and public inputs for use in the Groth16 verifier. 74 | fn groth16_public_values(committed_values_digest: &[u8]) -> Vec { 75 | let vkey_hash_bytes = hex::decode(&DCAP_VKEY_HASH[2..]).unwrap(); 76 | [ 77 | vkey_hash_bytes[1..].to_vec(), 78 | committed_values_digest.to_vec(), 79 | ] 80 | .concat() 81 | } 82 | --------------------------------------------------------------------------------